Vulnerability Summary for the Week of November 24, 2014

Please Note:
• The vulnerabilities are categorized by their level of severity, which is either High, Medium or Low.
• The CVE identity number is the publicly known ID given to that particular vulnerability. You can therefore search the status of that particular vulnerability using that ID.
• The CVSS (Common Vulnerability Scoring System) score is a standard scoring system used to determine the severity of the vulnerability.

High Severity Vulnerabilities

Each entry below is laid out as:
Primary Vendor -- Product
Description
Date Published | CVSS Score | CVE Identity
adobe -- air
Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and before 11.2.202.424 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors.
2014-11-25 | 7.5 | CVE-2014-8439

apptha -- contus_video_gallery
Multiple SQL injection vulnerabilities in the Apptha WordPress Video Gallery (contus-video-gallery) plugin 2.5, possibly as distributed before 2014-07-23, for WordPress allow (1) remote attackers to execute arbitrary SQL commands via the vid parameter in a myextract action to wp-admin/admin-ajax.php or (2) remote authenticated users to execute arbitrary SQL commands via the playlistId parameter in the newplaylist page or (3) videoId parameter in a newvideo page to wp-admin/admin.php.
2014-11-26 | 7.5 | CVE-2014-9097

arris -- vap2500_firmware
Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to execute arbitrary commands via unknown vectors.
2014-11-28 | 10.0 | CVE-2014-8423

arris -- vap2500_firmware
ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication.
2014-11-28 | 7.8 | CVE-2014-8424

arris -- vap2500_firmware
The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files.
2014-11-28 | 7.8 | CVE-2014-8425
arubanetworks -- clearpass_policy_manager
SQL injection vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) 6.2.x, 6.3.x before 6.3.6, and 6.4.x before 6.4.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
2014-11-25 | 7.5 | CVE-2014-8367

arubanetworks -- airwave
The web interface in Aruba Networks AirWave before 7.7.14 and 8.x before 8.0.5 allows remote authenticated users to gain privileges and execute arbitrary commands via unspecified vectors.
2014-11-25 | 9.0 | CVE-2014-8368

cisco -- openh264
Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.
2014-11-25 | 7.5 | CVE-2014-8001

cisco -- openh264
Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.
2014-11-25 | 7.5 | CVE-2014-8002

canonical -- ubuntu
mountall 1.54, as used in Ubuntu 14.10, does not properly handle the umask when using the mount utility, which allows local users to bypass intended access restrictions via unspecified vectors.
2014-11-25 | 7.2 | CVE-2014-1421

cybozu -- dezie
Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages.
2014-11-23 | 9.0 | CVE-2014-5314

dell -- sonicwall_analyzer
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified vectors.
2014-11-25 | 9.0 | CVE-2014-8420

digium -- asterisk
The res_pjsip_acl module in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 does not properly create and load ACLs defined in pjsip.conf at startup, which allows remote attackers to bypass intended PJSIP ACL rules.
2014-11-24 | 7.5 | CVE-2014-8413

digium -- asterisk
The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, 11.x before 11.1.4.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8 before 1.8.28-cert8 and 11.6 before 11.6-cert8 allows remote authenticated users to gain privileges via a call from an external protocol, as demonstrated by the AMI protocol.
2014-11-24 | 9.0 | CVE-2014-8418
documentfoundation -- libreoffice
LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file.
2014-11-26 | 7.5 | CVE-2014-9093

enalean -- tuleap
Enalean Tuleap before 7.5.99.6 allows remote attackers to execute arbitrary commands via the User-Agent header, which is provided to the passthru PHP function.
2014-11-28 | 9.3 | CVE-2014-7178

flac -- libflac
Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
2014-11-26 | 7.5 | CVE-2014-8962

flac -- libflac
Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
2014-11-26 | 7.5 | CVE-2014-9028

gogits -- gogs
SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL commands via the label parameter to user/repos/issues.
2014-11-21 | 7.5 | CVE-2014-8681

gogits -- gogs
Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1) api/v1/repos/search, which is not properly handled in models/repo.go, or (2) api/v1/users/search, which is not properly handled in models/user.go.
2014-11-21 | 7.5 | CVE-2014-8682

justsystems -- ichitaro
Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file.
2014-11-25 | 10.0 | CVE-2014-7247

manageengine -- oputils
The ConfigSaveServlet servlet in ManageEngine OpUtils before build 71024 allows remote attackers to "disclose" files via a crafted filename, related to "saveFile."
2014-11-25 | 7.8 | CVE-2014-8678
mantisbt -- mantisbt
Multiple SQL injection vulnerabilities in view_all_bug_page.php in MantisBT before 1.2.18 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to view_all_set.php.
2014-11-28 | 7.5 | CVE-2014-9089

moodle -- moodle
The generate_password function in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide a sufficient number of possible temporary passwords, which allows remote attackers to obtain access via a brute-force attack.
2014-11-24 | 7.5 | CVE-2014-7845

php -- php
Stack-based buffer overflow in the date_from_ISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in PHP before 5.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by including a timezone field in a date, leading to improper XML-RPC encoding.
2014-11-22 | 7.5 | CVE-2014-8626

pligg -- pligg_cms
Multiple SQL injection vulnerabilities in recover.php in Pligg CMS 2.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) n parameter.
2014-11-26 | 7.5 | CVE-2014-9096

raritan -- power_iq
Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and 4.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to license/records.
2014-11-26 | 7.5 | CVE-2014-9095

siemens -- simatic_pcs7
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets.
2014-11-26 | 10.0 | CVE-2014-8551

wibu -- codemeter_runtime
Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read and write access for all users) for codemeter.exe, which allows local users to gain privileges via a Trojan horse file.
2014-11-26 | 7.2 | CVE-2014-8419

xen -- xen
The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE.
2014-11-24 | 7.1 | CVE-2014-9030
Medium Severity Vulnerabilities

Each entry below is laid out as:
Primary Vendor -- Product
Description
Date Published | CVSS Score | CVE Identity
cisco -- adaptive_security_appliance_software
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888.
2014-11-27 | 5.0 | CVE-2014-3407

cisco -- ios_xr
Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378.
2014-11-25 | 5.0 | CVE-2014-8004

cisco -- ios_xr
Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (process reload) by establishing many TCP sessions, aka Bug ID CSCuq45239.
2014-11-25 | 5.0 | CVE-2014-8005

digitalzoomstudio -- video_gallery
Multiple cross-site scripting (XSS) vulnerabilities in deploy/designer/preview.php in the Digital Zoom Studio (DZS) Video Gallery plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) swfloc or (2) designrand parameter.
2014-11-26 | 4.3 | CVE-2014-9094

digium -- asterisk
The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package.
2014-11-26 | 4.0 | CVE-2014-6609

digium -- asterisk
Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6 before 11.6-cert6, when using the res_fax_spandsp module, allows remote authenticated users to cause a denial of service (crash) via an out of call message, which is not properly handled in the ReceiveFax dialplan application.
2014-11-26 | 4.0 | CVE-2014-6610

digium -- asterisk
The (1) VoIP channel drivers, (2) DUNDi, and (3) Asterisk Manager Interface (AMI) in Asterisk Open Source 1.8.x before 1.8.32.1, 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8.28 before 1.8.28-cert3 and 11.6 before 11.6-cert8 allows remote attackers to bypass the ACL restrictions via a packet with a source IP that does not share the address family as the first ACL entry.
2014-11-24 | 5.0 | CVE-2014-8412

digium -- asterisk
ConfBridge in Asterisk 11.x before 11.14.1 and Certified Asterisk 11.6 before 11.6-cert8 does not properly handle state changes, which allows remote attackers to cause a denial of service (channel hang and memory consumption) by causing transitions to be delayed, which triggers a state change from hung up to waiting for media.
2014-11-24 | 5.0 | CVE-2014-8414

digium -- asterisk
Race condition in the chan_pjsip channel driver in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 allows remote attackers to cause a denial of service (assertion failure and crash) via a cancel request for a SIP session with a queued action to (1) answer a session or (2) send ringing.
2014-11-24 | 5.0 | CVE-2014-8415

digium -- asterisk
Use-after-free vulnerability in the PJSIP channel driver in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1, when using the res_pjsip_refer module, allows remote attackers to cause a denial of service (crash) via an in-dialog INVITE with Replaces message, which triggers the channel to be hung up.
2014-11-24 | 5.0 | CVE-2014-8416

digium -- asterisk
ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 11.6 before 11.6-cert8 allows remote authenticated users to (1) gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or (2) execute arbitrary system commands via a crafted ConfbridgeStartRecord AMI action.
2014-11-24 | 6.5 | CVE-2014-8417
directwebremoting -- direct_web_remoting
The (1) DOMConverter, (2) JDOMConverter, (3) DOM4JConverter, and (4) XOMConverter functions in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allow remote attackers to read arbitrary files via DOM data containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
2014-11-23 | 5.0 | CVE-2014-5325

directwebremoting -- direct_web_remoting
Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
2014-11-23 | 4.3 | CVE-2014-5326

drupal -- drupal
Drupal 6.x before 6.34 and 7.x before 7.34 allows remote attackers to hijack sessions via a crafted request, as demonstrated by a crafted request to a server that supports both HTTP and HTTPS sessions.
2014-11-24 | 6.8 | CVE-2014-9015

drupal -- drupal
The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes (aka phpass) module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request.
2014-11-24 | 5.0 | CVE-2014-9016

dukapress_project -- dukapress
Directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in the DukaPress plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter to lib/dp_image.php.
2014-11-28 | 5.0 | CVE-2014-8799

gnu -- glibc
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
2014-11-24 | 4.3 | CVE-2014-7817

gogits -- gogs
Cross-site scripting (XSS) vulnerability in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.8 allows remote attackers to inject arbitrary web script or HTML via the text parameter to api/v1/markdown.
2014-11-21 | 4.3 | CVE-2014-8683
huawei -- e3236_firmware
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276 and E3236 TCPU before V200R002B470D13SP00C00 and WebUI before V100R007B100D03SP01C03, E5180s-22 before 21.270.21.00.00, and E586Bs-2 before 21.322.10.00.889 allow remote attackers to hijack the authentication of users for requests that (1) modify configurations, (2) send SMS messages, or have other unspecified impact via unknown vectors.
2014-11-21 | 6.8 | CVE-2014-5395

ibm -- sterling_selling_and_fulfillment_foundation
Sterling Order Management in IBM Sterling Selling and Fulfillment Suite 9.3.0 before FP8 allows remote authenticated users to cause a denial of service (CPU consumption) via a '\0' character.
2014-11-22 | 4.0 | CVE-2014-4807

ibm -- qradar_risk_manager
Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
2014-11-27 | 6.8 | CVE-2014-4829

ibm -- qradar_risk_manager
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to hijack sessions via unspecified vectors.
2014-11-27 | 5.8 | CVE-2014-4831

ibm -- qradar_risk_manager
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session.
2014-11-27 | 4.3 | CVE-2014-4832

ibm -- qradar_risk_manager
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, place credentials in URLs, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history.
2014-11-27 | 5.0 | CVE-2014-6075

ibm -- security_network_protection_xgs_5000
IBM Security Network Protection 5.1 before 5.1.0.0 FP13, 5.1.1 before 5.1.1.0 FP8, 5.1.2 before 5.1.2.0 FP9, 5.1.2.1 before FP5, 5.2 before 5.2.0.0 FP5, and 5.3 before 5.3.0.0 FP1 on XGS devices allows remote authenticated users to execute arbitrary commands via unspecified vectors.
2014-11-22 | 4.0 | CVE-2014-6183

ibm -- web_experience_factory
Cross-site scripting (XSS) vulnerability in IBM Web Experience Factory (WEF) 6.1.5 through 8.5.0.1, as used in WebSphere Dashboard Framework (WDF) and Lotus Widget Factory (LWF), allows remote attackers to inject arbitrary web script or HTML by leveraging a Dojo builder error in an unspecified WebSphere Portal configuration, leading to improper construction of a response page by an application.
2014-11-25 | 4.3 | CVE-2014-6196
lwip_project -- lwip
resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for man-in-the-middle attackers to conduct cache-poisoning attacks via spoofed reply packets.
2014-11-27 | 5.0 | CVE-2014-4883

jexperts -- channel_platform
JExperts Channel Platform 5.0.33_CCB allows remote authenticated users to bypass access restrictions via crafted action and key parameters.
2014-11-25 | 6.5 | CVE-2014-8558

jqueryui -- jquery_ui
Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.
2014-11-24 | 4.3 | CVE-2010-5312

jqueryui -- jquery_ui
Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo.
2014-11-24 | 4.3 | CVE-2012-6662

kunena -- kunena
Multiple SQL injection vulnerabilities in the Kunena component before 3.0.6 for Joomla! allow remote authenticated users to execute arbitrary SQL commands via the index value in an array parameter, as demonstrated by the topics[] parameter in an unfavorite action to index.php.
2014-11-26 | 6.5 | CVE-2014-9102

kunena -- kunena
Multiple cross-site scripting (XSS) vulnerabilities in the Kunena component before 3.0.6 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) index value of an array parameter or the filename parameter in the Content-Disposition header to the (2) file or (3) profile image upload functionality.
2014-11-26 | 4.3 | CVE-2014-9103

mantisbt -- mantisbt
MantisBT before 1.2.18 allows remote authenticated users to bypass the $g_download_attachments_threshold and $g_view_attachments_threshold restrictions and read attachments for private projects by leveraging access to a project that does not restrict access to attachments and a request to the download URL.
2014-11-24 | 4.0 | CVE-2014-8988

matrikonopc -- dnp3_opc_server
MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote attackers to cause a denial of service (unhandled exception and DNP3 process crash) via a crafted message.
2014-11-27 | 5.0 | CVE-2014-5426

moodle -- moodle
lib/classes/grades_external.php in Moodle 2.7.x before 2.7.3 does not consider the moodle/grade:viewhidden capability before displaying hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student role to access the get_grades web service.
2014-11-24 | 4.0 | CVE-2014-7831

moodle -- moodle
mod/lti/launch.php in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 performs access control at the course level rather than at the activity level, which allows remote authenticated users to bypass the mod/lti:view capability requirement by viewing an activity instance.
2014-11-24 | 4.0 | CVE-2014-7832

moodle -- moodle
mod/data/edit.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 sets a certain group ID to zero upon a database-entry change, which allows remote authenticated users to obtain sensitive information by accessing the database after an edit by a teacher.
2014-11-24 | 4.0 | CVE-2014-7833

moodle -- moodle
mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not verify group permissions, which allows remote authenticated users to access a forum via the forum_get_discussions web service.
2014-11-24 | 4.0 | CVE-2014-7834
moodle -- moodle
Multiple cross-site request forgery (CSRF) vulnerabilities in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for a (1) mod/lti/request_tool.php or (2) mod/lti/instructor_edit_tool_type.php request.
2014-11-24 | 6.8 | CVE-2014-7836

moodle -- moodle
mod/wiki/admin.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to remove wiki pages by leveraging delete access within a different subwiki.
2014-11-24 | 5.5 | CVE-2014-7837

moodle -- moodle
Multiple cross-site request forgery (CSRF) vulnerabilities in the Forum module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for requests that set a tracking preference within (1) mod/forum/deprecatedlib.php, (2) mod/forum/forum.js, (3) mod/forum/index.php, or (4) mod/forum/lib.php.
2014-11-24 | 6.8 | CVE-2014-7838

moodle -- moodle
tag/tag_autocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not consider the moodle/tag:edit capability before adding a tag, which allows remote authenticated users to bypass intended access restrictions via an AJAX request.
2014-11-24 | 4.0 | CVE-2014-7846

moodle -- moodle
iplookup/index.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote attackers to cause a denial of service (resource consumption) by triggering the calculation of an estimated latitude and longitude for an IP address.
2014-11-24 | 5.0 | CVE-2014-7847

moodle -- moodle
lib/phpunit/bootstrap.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.
2014-11-24 | 5.0 | CVE-2014-7848

moodle -- moodle
lib/setup.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide charset information in HTTP headers, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 characters during interaction with AJAX scripts.
2014-11-24 | 4.3 | CVE-2014-9059

moodle -- moodle
The LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not properly restrict the parameters used in a return URL, which allows remote attackers to trigger the generation of arbitrary messages via a modified URL, related to mod/lti/locallib.php and mod/lti/return.php.
2014-11-24 | 5.0 | CVE-2014-9060

moxi9 -- phpfox
Cross-site scripting (XSS) vulnerability in Guests/Boots in AdminCP in Moxi9 PHPFox before 4 Beta allows remote attackers to inject arbitrary web script or HTML via the User-Agent header.
2014-11-21 | 4.3 | CVE-2014-8469

open-xchange -- open-xchange_appsuite
SQL injection vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev36 and 7.6.x before 7.6.0-rev23 allows remote authenticated users to execute arbitrary SQL commands via a crafted jslob API call.
2014-11-21 | 6.5 | CVE-2014-7871
openstack --
neutron
OpenStack Neutron before 2014.1.4 and 2014.2.x
before 2014.2.1 allows remote authenticated users
to cause a denial of service (crash) via a crafted
dns_nameservers value in the DNS configuration.
2014-11-24 4.0 CVE-2014-7821XF (link is external)SECUNIA (link is external)
openswan --
openswan
Openswan 2.6.40 allows remote attackers to cause a
denial of service (NULL pointer dereference and IKE
daemon restart) via IKEv2 packets that lack
expected payloads. NOTE: this vulnerability exists
because of an incomplete fix for CVE 2013-6466.
2014-11-26 5.0 CVE-2014-2037BID (link is external)MLIST (link is external)MLIST (link is external)
openvpn --
openvpn_access_se
rver
Multiple cross-site request forgery (CSRF)
vulnerabilities in the XML-RPC API in the Desktop
Client in OpenVPN Access Server 1.5.6 and earlier
allow remote attackers to hijack the authentication
of administrators for requests that (1)
disconnecting established VPN sessions, (2) connect
to arbitrary VPN servers, or (3) create VPN profiles
and execute arbitrary commands via crafted API
requests.
2014-11-26 6.8 CVE-2014-9104MISC (link is external)MISC (link is external)BUGTRAQ (link is external)FULLDISC
oracle --
database_server
Unspecified vulnerability in the JPublisher
component in Oracle Database Server 11.1.0.7,
11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows
remote authenticated users to affect confidentiality
via unknown vectors, a different vulnerability than
CVE-2014-4290, CVE-2014-4291, CVE-2014-4292,
CVE-2014-4293, CVE-2014-4296, CVE-2014-4297,
CVE-2014-4310, and CVE-2014-6547. NOTE: this
issue was originally mapped to CVE-2014-4301, but
CVE-2014-4301 is for an unrelated vulnerability.
2014-11-23 6.8 CVE-2014-6477
paidmembershipspr
o --
Directory traversal vulnerability in
services/getfile.php in the Paid Memberships Pro
2014-11-28 5.0 CVE-2014-8801XF (link is external)
paid_memberships
_pro
plugin before 1.7.15 for WordPress allows remote
attackers to read arbitrary files via a .. (dot dot) in
the QUERY_STRING in a getfile action to wp-
admin/admin-ajax.php.
BID (link is external)EXPLOIT-DB (link is external)MISC (link is external)MISC (link is external)
polarssl -- polarssl PolarSSL 1.3.8 does not properly negotiate the
signature algorithm to use, which allows remote
attackers to conduct downgrade attacks via
unspecified vectors.
2014-11-24 5.0 CVE-2014-8627SECUNIA (link is external)SUSE
redhat -- resteasy DocumentProvider in RESTEasy 2.3.7 and 3.0.9 does
not configure the (1) external-general-entities or (2)
external-parameter-entities features, which allows
remote attackers to conduct XML external entity
(XXE) attacks via unspecified vectors.
2014-11-25 6.4 CVE-2014-7839SECUNIA (link is external)
redhat -- freeipa Cross-site scripting (XSS) vulnerability in the Web UI
in FreeIPA 4.x before 4.1.2 allows remote attackers
to inject arbitrary web script or HTML via vectors
related to breadcrumb navigation.
2014-11-28 4.3 CVE-2014-7850
ruby-lang -- ruby The REXML parser in Ruby 1.9.x before 1.9.3
patchlevel 551, 2.0.x before 2.0.0 patchlevel 598,
and 2.1.x before 2.1.5 allows remote attackers to
cause a denial of service (CPU and memory
consumption) a crafted XML document containing
an empty string in an entity that is used in a large
number of nested entity references, aka an XML
Entity Expansion (XEE) attack. NOTE: this
vulnerability exists because of an incomplete fix for
CVE-2013-1821 and CVE-2014-8080.
2014-11-21 5.0 CVE-2014-8090
siemens --
simatic_pcs7
The WinCC server in Siemens SIMATIC WinCC 7.0
through SP3, 7.2 before Update 9, and 7.3 before
Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0
through SP2, and 8.1; and TIA Portal 13 before
Update 6 allows remote attackers to read arbitrary
files via crafted packets.
2014-11-26 5.0 CVE-2014-8552
simple_email_form
_project --
simple_email_form
Cross-site scripting (XSS) vulnerability in Simple
Email Form 1.8.5 and earlier allows remote
attackers to inject arbitrary web script or HTML via
2014-11-21 4.3 CVE-2014-8539MISC (link is external)BID (link is
the mod_simpleemailform_field2_1 parameter to
index.php.
external)BUGTRAQ (link is external)MISC (link is external)
skalfa -- oxwall
Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall 1.7.0 (build 7907 and 7906) and SkaDate Lite 2.0 (build 7651) allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks or possibly have other unspecified impact via the (1) label parameter to admin/users/roles/, (2) lang[1][base][questions_account_type_5615100a931845eca8da20cfdf7327e0] in an AddAccountType action or (3) qst_name parameter in an addQuestion action to admin/questions/ajax-responder/, or (4) form_name or (5) restrictedUsername parameter to admin/restricted-usernames.
Published 2014-11-26 | CVSS 6.8 | CVE-2014-9101
squid-cache -- squid
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.
Published 2014-11-26 | CVSS 6.4 | CVE-2014-7141
squid-cache -- squid
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.
Published 2014-11-26 | CVSS 6.4 | CVE-2014-7142
ubuntu -- apparmor
apparmor_parser in the apparmor package before 2.8.95~2430-0ubuntu5.1 in Ubuntu 14.04 allows attackers to bypass AppArmor policies via unspecified vectors, related to a "miscompilation flaw."
Published 2014-11-24 | CVSS 6.4 | CVE-2014-1424
whydowork_adsense_project -- whydowork_adsense
Cross-site request forgery (CSRF) vulnerability in the WhyDoWork AdSense plugin 1.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via a request to the whydowork_adsense page in wp-admin/options-general.php.
Published 2014-11-26 | CVSS 6.8 | CVE-2014-9099
whydowork_adsense_project -- whydowork_adsense
Cross-site scripting (XSS) vulnerability in the WhyDoWork AdSense plugin 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the idcode parameter in the whydowork_adsense page to wp-admin/options-general.php.
Published 2014-11-26 | CVSS 4.3 | CVE-2014-9100
wireshark -- wireshark
The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.
Published 2014-11-22 | CVSS 5.0 | CVE-2014-8710
wireshark -- wireshark
Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a packet.
Published 2014-11-22 | CVSS 5.0 | CVE-2014-8711
wireshark -- wireshark
The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Published 2014-11-22 | CVSS 5.0 | CVE-2014-8712
wireshark -- wireshark
Stack-based buffer overflow in the build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Published 2014-11-22 | CVSS 5.0 | CVE-2014-8713
wireshark -- wireshark
The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
Published 2014-11-22 | CVSS 5.0 | CVE-2014-8714
wordpress -- wordpress
Cross-site scripting (XSS) vulnerability in the wptexturize function in WordPress before 3.7.5, 3.8.x before 3.8.5, and 3.9.x before 3.9.3 allows remote attackers to inject arbitrary web script or HTML via crafted use of shortcode brackets in a text field, as demonstrated by a comment or a post.
Published 2014-11-25 | CVSS 4.3 | CVE-2014-9031
wordpress -- wordpress
Cross-site scripting (XSS) vulnerability in the media-playlists feature in WordPress 3.9.x before 3.9.3 and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published 2014-11-25 | CVSS 4.3 | CVE-2014-9032
wordpress -- wordpress
Cross-site request forgery (CSRF) vulnerability in wp-login.php in WordPress 3.7.4, 3.8.4, 3.9.2, and 4.0 allows remote attackers to hijack the authentication of arbitrary users for requests that reset passwords.
Published 2014-11-25 | CVSS 6.8 | CVE-2014-9033
wordpress -- wordpress
wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue to CVE-2014-9016.
Published 2014-11-25 | CVSS 5.0 | CVE-2014-9034
wordpress -- wordpress
Cross-site scripting (XSS) vulnerability in Press This in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published 2014-11-25 | CVSS 4.3 | CVE-2014-9035
wordpress -- wordpress
Cross-site scripting (XSS) vulnerability in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted Cascading Style Sheets (CSS) token sequence in a post.
Published 2014-11-25 | CVSS 4.3 | CVE-2014-9036
wordpress -- wordpress
WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to obtain access to an account idle since 2008 by leveraging an improper PHP dynamic type comparison for an MD5 hash.
Published 2014-11-25 | CVSS 6.8 | CVE-2014-9037
wordpress -- wordpress
wp-includes/http.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to conduct server-side request forgery (SSRF) attacks by referring to a 127.0.0.0/8 resource.
Published 2014-11-25 | CVSS 6.4 | CVE-2014-9038
wordpress -- wordpress
wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to reset passwords by leveraging access to an e-mail account that received a password-reset message.
Published 2014-11-25 | CVSS 4.3 | CVE-2014-9039
xavoc -- xepan_cms
Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts via a crafted request to the owner/users page.
Published 2014-11-28 | CVSS 6.8 | CVE-2014-8429
Low Severity Vulnerabilities
The Primary Vendor --- Product | Description | Date Published | CVSS Score | The CVE Identity
apptha -- contus_video_gallery
Multiple cross-site scripting (XSS) vulnerabilities in the Apptha WordPress Video Gallery (contus-video-gallery) plugin 2.5, possibly before 2014-07-23, for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the videoadssearchQuery parameter to (1) videoads/videoads.php, (2) video/video.php, or (3) playlist/playlist.php.
Published 2014-11-26 | CVSS 3.5 | CVE-2014-9098
check_diskio_project -- check_diskio
The check_diskio plugin 3.2.6 and earlier for Nagios and Icinga allows local users to write to arbitrary files via a symlink attack on a temporary file with a predictable name (tmp/check_diskio_status-*-*).
Published 2014-11-28 | CVSS 3.6 | CVE-2014-8994
ibm -- websphere_portal
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x before 7.0.0.2 CF29, 8.0.x through 8.0.0.1 CF14, and 8.5.x before 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Published 2014-11-25 | CVSS 3.5 | CVE-2014-6093
liferay -- liferay_portal
Cross-site scripting (XSS) vulnerability in Liferay Portal Enterprise Edition (EE) 6.2 SP8 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the _20_body parameter in the comment field in an uploaded file.
Published 2014-11-24 | CVSS 3.5 | CVE-2014-8349
mantisbt -- mantisbt
Cross-site scripting (XSS) vulnerability in the selection list in the filters in the Configuration Report page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.17 allows remote administrators to inject arbitrary web script or HTML via a crafted config option, a different vulnerability than CVE-2014-8987.
Published 2014-11-24 | CVSS 3.5 | CVE-2014-8986
moodle -- moodle
Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse capability to provide a searchcourse parameter.
Published 2014-11-24 | CVSS 3.5 | CVE-2014-7830
moodle -- moodle
webservice/upload.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not ensure that a file upload is for a private or draft area, which allows remote authenticated users to upload files containing JavaScript, and consequently conduct cross-site scripting (XSS) attacks, by specifying the profile-picture area.
Published 2014-11-24 | CVSS 2.1 | CVE-2014-7835
python -- pip
pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.
Published 2014-11-24 | CVSS 2.1 | CVE-2014-8991
• Sources: http://nvd.nist.gov (for more information, visit the National Vulnerability Database (NVD), which contains a database of every vulnerability that has ever been published).
Uganda Communications Commission – UGCERT
Email: info@ug-cert.ug | Tel: +256 414 302 100/150 | Toll Free: 0800 133 911
Website: www.ug-cert.ug | Facebook / Twitter: UGCERT