Original release date: March 03, 2014
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division into high, medium, and low severities corresponds to the following scores:
High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adrotateplugin -- adrotate | SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter. | 2014-02-27 | 7.5 | CVE-2014-1854 |
| apple -- quicktime | Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file. | 2014-02-26 | 9.3 | CVE-2014-1243 |
| apple -- quicktime | Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. | 2014-02-26 | 9.3 | CVE-2014-1244 |
| apple -- quicktime | Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file. | 2014-02-26 | 9.3 | CVE-2014-1245 |
| apple -- quicktime | Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file. | 2014-02-26 | 9.3 | CVE-2014-1246 |
| apple -- quicktime | Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted dref atom in a movie file. | 2014-02-26 | 9.3 | CVE-2014-1247 |
| apple -- quicktime | Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ldat atom in a movie file. | 2014-02-26 | 9.3 | CVE-2014-1248 |
| apple -- quicktime | Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PSD image. | 2014-02-26 | 9.3 | CVE-2014-1249 |
| apple -- quicktime | Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file. | 2014-02-26 | 9.3 | CVE-2014-1250 |
| apple -- quicktime | Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted clef atom in a movie file. | 2014-02-26 | 9.3 | CVE-2014-1251 |
| apple -- mac_os_x | Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properly validate calls to the free function, which allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages. | 2014-02-26 | 7.5 | CVE-2014-1255 |
| apple -- mac_os_x | Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages. | 2014-02-26 | 7.5 | CVE-2014-1256 |
| apple -- mac_os_x | Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font. | 2014-02-26 | 7.5 | CVE-2014-1261 |
| apple -- mac_os_x | Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption. | 2014-02-26 | 7.5 | CVE-2014-1262 |
| autodesk -- autocad | Autodesk AutoCAD before 2014 allows remote attackers to execute arbitrary VBScript code via a crafted FAS file search path. | 2014-02-22 | 7.5 | CVE-2014-0818 |
| belkin -- wemo_home_automation_firmware | The peerAddresses API in Belkin WeMo Home Automation firmware before 3949 allows remote attackers to conduct XML injection attacks and read arbitrary files via unspecified vectors. | 2014-02-22 | 7.8 | CVE-2013-6948 |
| belkin -- wemo_home_automation_firmware | The Belkin WeMo Home Automation firmware before 3949 does not properly restrict the use of STUN and TURN proxies, which allows man-in-the-middle attackers to bypass intended access restrictions via crafted packets. | 2014-02-22 | 9.3 | CVE-2013-6949 |
| belkin -- wemo_home_automation_firmware | The Belkin WeMo Home Automation firmware before 3949 does not use SSL for the distribution feed, which allows remote attackers to obtain sensitive information by sniffing the network. | 2014-02-22 | 7.8 | CVE-2013-6950 |
| belkin -- wemo_home_automation_firmware | The Belkin WeMo Home Automation firmware before 3949 does not maintain a set of Certification Authority public keys, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary X.509 certificate. | 2014-02-22 | 7.1 | CVE-2013-6951 |
| belkin -- wemo_home_automation_firmware | The Belkin WeMo Home Automation firmware before 3949 has a hardcoded key, which makes it easier for remote attackers to spoof firmware updates and execute arbitrary code via crafted signed data. | 2014-02-22 | 10.0 | CVE-2013-6952 |
| cisco -- prime_infrastructure | Cisco Prime Infrastructure 1.2 and 1.3 before 1.3.0.20-2, 1.4 before 1.4.0.45-2, and 2.0 before 2.0.0.0.294-2 allows remote authenticated users to execute arbitrary commands with root privileges via an unspecified URL, aka Bug ID CSCum71308. | 2014-02-27 | 9.0 | CVE-2014-0679 |
| cisco -- ucs_director | Cisco UCS Director (formerly Cisco Cloupia) before 4.0.0.3 has a default root account, which allows remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930. | 2014-02-22 | 9.3 | CVE-2014-0709 |
| cisco -- firewall_services_module_software | Race condition in the cut-through proxy feature in Cisco Firewall Services Module (FWSM) Software 3.x before 3.2(28) and 4.x before 4.1(15) allows remote attackers to cause a denial of service (device reload) via certain matching traffic, aka Bug ID CSCuj16824. | 2014-02-22 | 7.1 | CVE-2014-0710 |
| cisco -- ips_sensor_software | The produce-verbose-alert feature in Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via fragmented packets, aka Bug ID CSCui91266. | 2014-02-22 | 7.1 | CVE-2014-0718 |
| cisco -- ips_sensor_software | The control-plane access-list implementation in MainApp in Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (process outage) via crafted packets to TCP port 7000, aka Bug ID CSCui67394. | 2014-02-22 | 7.8 | CVE-2014-0719 |
| cisco -- ips_sensor_software | Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via a flood of jumbo frames, aka Bug ID CSCuh94944. | 2014-02-22 | 7.1 | CVE-2014-0720 |
| cisco -- unified_sip_phone_3905 | Cisco Unified SIP Phone 3905 allows remote attackers to obtain root access via a session on the test interface on TCP port 7870, aka Bug ID CSCuh75574. | 2014-02-22 | 10.0 | CVE-2014-0721 |
| google -- chrome | Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for .. (dot dot) sequences or (2) lack of use of the \\?\ protection mechanism. | 2014-02-23 | 7.5 | CVE-2013-6652 |
| google -- chrome | Use-after-free vulnerability in the web contents implementation in Google Chrome before 33.0.1750.117 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attempted conflicting access to the color chooser. | 2014-02-23 | 7.5 | CVE-2013-6653 |
| google -- chrome | The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which allows remote attackers to cause a denial of service (incorrect cast) or possibly have unspecified other impact via unknown vectors. | 2014-02-23 | 7.5 | CVE-2013-6654 |
| google -- chrome | Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper handling of overflowchanged DOM events during interaction between JavaScript and layout. | 2014-02-23 | 7.5 | CVE-2013-6655 |
| google -- chrome | Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving (1) running JavaScript code during execution of the updateWidgetPositions function or (2) making a call into a plugin during execution of the updateWidgetPositions function. | 2014-02-23 | 7.5 | CVE-2013-6658 |
| google -- chrome | Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknown vectors. | 2014-02-23 | 7.5 | CVE-2013-6661 |
| hp -- storevirtual_virtual_storage_appliance | Unspecified vulnerability in dbd_manager in LeftHand OS before 11.0 in HP StoreVirtual 4000 and StoreVirtual VSA Software (formerly LeftHand Virtual SAN Appliance) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1509. | 2014-02-26 | 10.0 | CVE-2013-4841 |
| hp -- application_information_optimizer | The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-1656. | 2014-02-26 | 7.5 | CVE-2013-6203 |
| hp -- application_information_optimizer | The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-2004. | 2014-02-26 | 7.5 | CVE-2013-6204 |
| i-doit -- i-doit | SQL injection vulnerability in the CMDB web application in synetics i-doit pro before 1.2.5 and i-doit open allows remote attackers to execute arbitrary SQL commands via the objID parameter to the default URI. | 2014-02-27 | 7.5 | CVE-2014-1597 |
| iconics -- genesis32 | An ActiveX control in GenLaunch.htm in ICONICS GENESIS32 8.0, 8.02, 8.04, and 8.05 allows remote attackers to execute arbitrary programs via a crafted HTML document. | 2014-02-23 | 9.3 | CVE-2014-0758 |
| mitsubishielectric -- mc-worx_suite | An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click. | 2014-02-23 | 9.3 | CVE-2013-2817 |
| norman -- security_suite | Unspecified vulnerability in Norman Security Suite 10.1 and earlier allows local users to gain privileges via unknown vectors. | 2014-02-26 | 7.2 | CVE-2014-0816 |
| schneider-electric -- citectscada | Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet. | 2014-02-26 | 7.8 | CVE-2013-2824 |
| siemens -- ruggedcom_rugged_operating_system | The SNMP implementation in Siemens RuggedCom ROS before 3.11, ROS 3.11 for RS950G, ROS 3.12 before 3.12.4, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (device outage) via crafted packets. | 2014-02-23 | 7.8 | CVE-2014-1966 |
| suse -- studio_extension_for_system_z | SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors. | 2014-02-26 | 7.5 | CVE-2013-3712 |
| tibco -- enterprise_administrator | TIBCO Enterprise Administrator 1.0.0 and Enterprise Administrator SDK 1.0.0 do not properly enforce administrative authentication requirements, which allows remote attackers to execute arbitrary commands via unspecified vectors. | 2014-02-27 | 10.0 | CVE-2014-2075 |
Medium Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| 7andi-fs.co -- denny's | The Denny's application before 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2014-02-26 | 5.8 | CVE-2014-1967 |
| apache -- tomcat | Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header. NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090. | 2014-02-26 | 5.8 | CVE-2013-4286 |
| apache -- tomcat | Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544. | 2014-02-26 | 4.3 | CVE-2013-4322 |
| apache -- tomcat | Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 2014-02-26 | 4.3 | CVE-2013-4590 |
| apache -- tomcat | org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat 6.0.33 through 6.0.37 does not consider the disableURLRewriting setting when handling a session ID in a URL, which allows remote attackers to conduct session fixation attacks via a crafted URL. | 2014-02-26 | 4.3 | CVE-2014-0033 |
| apple -- mac_os_x | Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in a document. | 2014-02-26 | 6.8 | CVE-2014-1254 |
| apple -- mac_os_x | Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image. | 2014-02-26 | 6.8 | CVE-2014-1258 |
| apple -- mac_os_x | Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename. | 2014-02-26 | 6.8 | CVE-2014-1259 |
| apple -- mac_os_x | QuickLook in Apple OS X through 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document. | 2014-02-26 | 6.8 | CVE-2014-1260 |
| apple -- mac_os_x | curl in Apple OS X 10.9.x before 10.9.2 does not verify X.509 certificates from HTTPS servers that are accessed using a numerical IP address, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. | 2014-02-26 | 4.3 | CVE-2014-1263 |
| apple -- mac_os_x | Finder in Apple OS X before 10.9.2 does not ensure ACL integrity after the viewing of file ACL information, which allows local users to bypass intended access restrictions in opportunistic circumstances via standard filesystem operations on a file with a damaged ACL. | 2014-02-26 | 4.4 | CVE-2014-1264 |
| apple -- mac_os_x | The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock. | 2014-02-26 | 4.6 | CVE-2014-1265 |
| apple -- apple_tv | The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step. | 2014-02-22 | 6.8 | CVE-2014-1266 |
| apple -- safari | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270. | 2014-02-26 | 6.8 | CVE-2014-1268 |
| apple -- safari | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270. | 2014-02-26 | 6.8 | CVE-2014-1269 |
| apple -- safari | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269. | 2014-02-26 | 6.8 | CVE-2014-1270 |
| autodesk -- autocad | Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | 2014-02-22 | 4.4 | CVE-2014-0819 |
| blackboard -- vista/ce | Cross-site scripting (XSS) vulnerability in Blackboard Vista/CE 8.0 SP6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2014-02-22 | 4.3 | CVE-2014-0811 |
| cisco -- unified_computing_system_central_software | Cisco Unified Computing System (UCS) Central Software 1.1 and earlier allows local users to gain privileges via a CLI copy command in a local-mgmt context, aka Bug ID CSCul53128. | 2014-02-22 | 6.8 | CVE-2014-0730 |
| cisco -- unified_communications_manager | The administration interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and read Java .class files via a direct request, aka Bug ID CSCum46497. | 2014-02-22 | 5.0 | CVE-2014-0731 |
| cisco -- unified_ip_phone_7960g | Cisco Unified IP Phone 7960G allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List (CTL) file, aka Bug ID CSCuj66795. | 2014-02-22 | 4.3 | CVE-2014-0737 |
| cisco -- adaptive_security_appliance_software | The Phone Proxy component in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List (CTL) file, aka Bug ID CSCuj66770. | 2014-02-22 | 4.3 | CVE-2014-0738 |
| cisco -- adaptive_security_appliance_software | Race condition in the Phone Proxy component in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to bypass sec_db authentication and provide certain pass-through services to untrusted devices via a crafted configuration-file TFTP request, aka Bug ID CSCuj66766. | 2014-02-22 | 4.3 | CVE-2014-0739 |
| cisco -- unified_communications_manager | Cross-site request forgery (CSRF) vulnerability in the Call Detail Records Analysis and Reporting (CAR) interface in the OS Administration component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to hijack the authentication of administrators for requests that make administrative changes, aka Bug ID CSCun00701. | 2014-02-26 | 4.3 | CVE-2014-0740 |
| cisco -- unified_communications_manager | The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461. | 2014-02-26 | 6.2 | CVE-2014-0741 |
| cisco -- unified_communications_manager | The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464. | 2014-02-26 | 6.2 | CVE-2014-0742 |
| cisco -- unified_communications_manager | The Certificate Authority Proxy Function (CAPF) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and modify registered-device information via crafted data, aka Bug ID CSCum95468. | 2014-02-26 | 5.0 | CVE-2014-0743 |
| cisco -- unified_contact_center_express_editor_software | Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability subsystem in Cisco Unified Contact Center Express (Unified CCX) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCum95502. | 2014-02-26 | 6.8 | CVE-2014-0745 |
| cisco -- unified_contact_center_express_editor_software | The disaster recovery system (DRS) in Cisco Unified Contact Center Express (Unified CCX) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCum95536. | 2014-02-26 | 4.0 | CVE-2014-0746 |
| cisco -- unified_communications_manager | The Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to inject commands via unspecified CAPF programs, aka Bug ID CSCum95493. | 2014-02-26 | 6.8 | CVE-2014-0747 |
| cisco -- unified_contact_center_express_editor_software | Cisco Unified Contact Center Express (Unified CCX) does not properly restrict the content of the CCMConfig page, which allows remote authenticated users to obtain sensitive information by examining this content, aka Bug ID CSCum95575. | 2014-02-26 | 4.0 | CVE-2014-2102 |
| cisco -- intrusion_prevention_system | Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309. | 2014-02-27 | 6.8 | CVE-2014-2103 |
| cybozu -- garoon | Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 does not properly manage sessions, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors. | 2014-02-26 | 4.9 | CVE-2014-0817 |
| cybozu -- garoon | Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors. | 2014-02-26 | 4.0 | CVE-2014-0820 |
| cybozu -- garoon | SQL injection vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6930 and CVE-2013-6931. | 2014-02-26 | 6.8 | CVE-2014-0821 |
| google -- chrome | The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which allows remote attackers to obtain sensitive information via unspecified vectors. | 2014-02-23 | 5.0 | CVE-2013-6656 |
| google -- chrome | core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. | 2014-02-23 | 6.4 | CVE-2013-6657 |
| google -- chrome | The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to trigger use of a new certificate chain, inconsistent with the user's expectations, by initiating a TLS renegotiation. | 2014-02-23 | 6.4 | CVE-2013-6659 |
| google -- chrome | The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site. | 2014-02-23 | 5.0 | CVE-2013-6660 |
| hp -- service_manager | Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) insert XSS sequences or (2) execute arbitrary code. | 2014-02-23 | 6.8 | CVE-2013-6202 |
| i-doit -- i-doit | Cross-site scripting (XSS) vulnerability in the API in synetics i-doit pro before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via a property title. | 2014-02-27 | 4.3 | CVE-2014-2231 |
| ibm -- netezza_performance_portal | IBM Netezza Performance Portal 2.x before 2.0.0.3 allows remote authenticated users to change arbitrary passwords via an HTTP POST request. | 2014-02-26 | 4.0 | CVE-2013-6731 |
| ibm -- cognos_business_intelligence | Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence (BI) 10.1 before IF6 and 10.2 before IF7 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter. | 2014-02-22 | 4.3 | CVE-2013-6732 |
| ibm -- rational_focal_point | | | | |