Original release date: April 14, 2014
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
Primary
Vendor -- Product
Description
Published
CVSS Score
Source & Patch Info
adobe -- adobe_air
Buffer overflow in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows attackers to execute arbitrary code via unspecified vectors.
2014-04-08
9.3
CVE-2014-0507
advanced_forum_signatures_project -- advanced_forum_signatures
Multiple SQL injection vulnerabilities in signature.php in the Advanced Forum Signatures (aka afsignatures) plugin 2.0.4 for MyBB allow remote attackers to execute arbitrary SQL commands via the (1) afs_type, (2) afs_background, (3) afs_showonline, (4) afs_bar_left, (5) afs_bar_center, (6) afs_full_line1, (7) afs_full_line2, (8) afs_full_line3, (9) afs_full_line4, (10) afs_full_line5, or (11) afs_full_line6 parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
2014-04-08
7.5
CVE-2011-5277
advanced_forum_signatures_project -- advanced_forum_signatures
SQL injection vulnerability in signature.php in Advanced Forum Signatures plugin (aka afsignatures) 2.0.4 for MyBB allows remote attackers to execute arbitrary SQL commands via the afs_bar_right parameter.
2014-04-08
7.5
CVE-2011-5278
cacti -- cacti
SQL injection vulnerability in graph_xport.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
2014-04-10
7.5
CVE-2014-2708
cisco -- adaptive_security_appliance_software
Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47), 8.4 before 8.4(7.5), 8.7 before 8.7(1.11), 9.0 before 9.0(3.10), and 9.1 before 9.1(3.4) allows remote authenticated users to gain privileges by leveraging level-0 ASDM access, aka Bug ID CSCuj33496.
2014-04-10
8.5
CVE-2014-2126
cisco -- adaptive_security_appliance_software
Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4 before 8.4(7.9), 8.6 before 8.6(1.13), 9.0 before 9.0(4.1), and 9.1 before 9.1(4.3) does not properly process management-session information during privilege validation for SSL VPN portal connections, which allows remote authenticated users to gain privileges by establishing a Clientless SSL VPN session and entering crafted URLs, aka Bug ID CSCul70099.
2014-04-10
8.5
CVE-2014-2127
cisco -- adaptive_security_appliance_software
The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.48), 8.4 before 8.4(6.5), 9.0 before 9.0(3.1), and 9.1 before 9.1(2.5) allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted SIP packets, aka Bug ID CSCuh44052.
2014-04-10
7.1
CVE-2014-2129
clip-bucket -- clipbucket
Multiple SQL injection vulnerabilities in the update_counter function in includes/functions.php in ClipBucket 2.6 allow remote attackers to execute arbitrary SQL commands via the time parameter to (1) videos.php or (2) channels.php. NOTE: some of these details are obtained from third party information.
2014-04-08
7.5
CVE-2012-6643
erlang-solutions -- mongooseim
Erlang Solutions MongooseIM through 1.3.1 rev. 2 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
2014-04-10
7.8
CVE-2014-2829
google -- chrome
Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
2014-04-09
7.5
CVE-2014-1716
google -- chrome
Google V8, as used in Google Chrome before 34.0.1847.116, does not properly use numeric casts during handling of typed arrays, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.
2014-04-09
7.5
CVE-2014-1717
google -- chrome
Integer overflow in the SoftwareFrameManager::SwapToNewFrame function in content/browser/renderer_host/software_frame_manager.cc in the software compositor in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted mapping of a large amount of renderer memory.
2014-04-09
7.5
CVE-2014-1718
google -- chrome
Use-after-free vulnerability in the WebSharedWorkerStub::OnTerminateWorkerContext function in content/worker/websharedworker_stub.cc in the Web Workers implementation in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger a SharedWorker termination during script loading.
2014-04-09
7.5
CVE-2014-1719
google -- chrome
Use-after-free vulnerability in the HTMLBodyElement::insertedInto function in core/html/HTMLBodyElement.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attributes.
2014-04-09
7.5
CVE-2014-1720
google -- chrome
Google V8, as used in Google Chrome before 34.0.1847.116, does not properly implement lazy deoptimization, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by improper handling of a heap allocation of a number outside the Small Integer (aka smi) range.
2014-04-09
7.5
CVE-2014-1721
google -- chrome
Use-after-free vulnerability in the RenderBlock::addChildIgnoringAnonymousColumnBlocks function in core/rendering/RenderBlock.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving addition of a child node.
2014-04-09
7.5
CVE-2014-1722
google -- chrome
The UnescapeURLWithOffsetsImpl function in net/base/escape.cc in Google Chrome before 34.0.1847.116 does not properly handle bidirectional Internationalized Resource Identifiers (IRIs), which makes it easier for remote attackers to spoof URLs via crafted use of right-to-left (RTL) Unicode text.
2014-04-09
7.5
CVE-2014-1723
google -- chrome
Use-after-free vulnerability in Free(b)soft Laboratory Speech Dispatcher 0.7.1, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service (application hang) or possibly have unspecified other impact via a text-to-speech request.
2014-04-09
7.5
CVE-2014-1724
google -- chrome
Use-after-free vulnerability in content/renderer/renderer_webcolorchooser_impl.h in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to forms.
2014-04-09
7.5
CVE-2014-1727
google -- chrome
Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
2014-04-09
7.5
CVE-2014-1728
google -- chrome
Multiple unspecified vulnerabilities in Google V8 before 3.24.35.22, as used in Google Chrome before 34.0.1847.116, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
2014-04-09
7.5
CVE-2014-1729
igniterealtime -- openfire
Ignite Realtime Openfire before 3.9.2 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
2014-04-10
7.8
CVE-2014-2741
isode -- m-link
Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
2014-04-10
7.8
CVE-2014-2742
lightwitch -- metronome
plugins/mod_compression.lua in Lightwitch Metronome through 3.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
2014-04-10
7.8
CVE-2014-2743
lightwitch -- metronome
plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightwitch Metronome through 3.4 negotiates stream compression while a session is unauthenticated, which allows remote attackers to cause a denial of service (resource consumption) via compressed XML elements in an XMPP stream, aka an "xmppbomb" attack.
2014-04-10
7.8
CVE-2014-2744
microsoft -- internet_explorer
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1751 and CVE-2014-1755.
2014-04-08
9.3
CVE-2014-0235
microsoft -- internet_explorer
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0235 and CVE-2014-1755.
2014-04-08
9.3
CVE-2014-1751
microsoft -- internet_explorer
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
2014-04-08
9.3
CVE-2014-1752
microsoft -- internet_explorer
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
2014-04-08
9.3
CVE-2014-1753
microsoft -- internet_explorer
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0235 and CVE-2014-1751.
2014-04-08
9.3
CVE-2014-1755
microsoft -- office_compatibility_pack
Microsoft Word 2007 SP3 and 2010 SP1 and SP2, and Office Compatibility Pack SP3, allocates memory incorrectly for file conversions from a binary (aka .doc) format to a newer format, which allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office File Format Converter Vulnerability."
2014-04-08
9.3
CVE-2014-1757
microsoft -- word
Stack-based buffer overflow in Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Word Stack Overflow Vulnerability."
2014-04-08
9.3
CVE-2014-1758
microsoft -- publisher
pubconv.dll in Microsoft Publisher 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via a crafted .pub file, aka "Arbitrary Pointer Dereference Vulnerability."
2014-04-08
9.3
CVE-2014-1759
microsoft -- internet_explorer
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
2014-04-08
9.3
CVE-2014-1760
pearson -- esis_enterprise_student_information_system
SQL injection vulnerability in the password reset functionality in Pearson eSIS Enterprise Student Information System, possibly 3.3.0.13 and earlier, allows remote attackers to execute arbitrary SQL commands via the new password.
2014-04-10
7.5
CVE-2014-1455
prosody -- prosody
Prosody before 0.9.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack, related to core/portmanager.lua and util/xmppstream.lua.
2014-04-10
7.8
CVE-2014-2745
sap -- bi_universal_data_integration
SQL injection vulnerability in SAP BI Universal Data Integration allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to the J2EE schema.
2014-04-10
7.5
CVE-2013-7355
sap -- adminadapter
Unspecified vulnerability in SAP adminadapter allows remote attackers to read or write to arbitrary files via unknown vectors.
2014-04-10
7.5
CVE-2013-7360
sap -- ccms_agent
An unspecified RFC function in SAP CCMS Agent allows remote attackers to execute arbitrary commands via unknown vectors.
2014-04-10
7.5
CVE-2013-7362
sap -- solution_manager
Unspecified vulnerability in the Diagnostics (SMD) agent in SAP Solution Manager allows remote attackers to obtain sensitive information, modify the configuration of applications, and install or remove applications via vectors involving the P4 protocol.
2014-04-10
7.5
CVE-2013-7363
sap -- netweaver
An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors.
2014-04-10
7.5
CVE-2013-7364
sap -- enterprise_portal
SAP Enterprise Portal does not properly restrict access to the Federation configuration pages, which allows remote attackers to gain privileges via unspecified vectors.
2014-04-10
7.5
CVE-2013-7367
sap -- enhancement_package
The Security Audit Log facility in SAP Enhancement Package (EHP) 6 for SAP ERP 6.0 allows remote attackers to modify or delete arbitrary log classes via unspecified vectors. NOTE: some of these details are obtained from third party information.
2014-04-10
7.5
CVE-2014-2748
sap -- print_and_output_management
SAP Print and Output Management has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
2014-04-10
7.5
CVE-2014-2751
sap -- business_object_processing_framework_for_abap
SAP Business Object Processing Framework (BOPF) for ABAP has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
2014-04-10
7.5
CVE-2014-2752
tibco -- rendezvous
Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data.
2014-04-08
7.5
CVE-2014-2543
tibco -- analyst
Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors.
2014-04-09
7.5
CVE-2014-2544
tigase -- tigase
net/IOService.java in Tigase before 5.2.1 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
2014-04-10
7.8
CVE-2014-2746
Back to top
Medium Vulnerabilities
Primary
Vendor -- Product
Description
Published
CVSS Score
Source & Patch Info
adobe -- adobe_air
Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
2014-04-08
5.0
CVE-2014-0508
adobe -- adobe_air
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
2014-04-08
4.3
CVE-2014-0509
cisco -- adaptive_security_appliance_software
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47, 8.3 before 8.3(2.40), 8.4 before 8.4(7.3), 8.6 before 8.6(1.13), 9.0 before 9.0(3.8), and 9.1 before 9.1(3.2) allows remote attackers to bypass authentication via (1) a crafted cookie value within modified HTTP POST data or (2) a crafted URL, aka Bug ID CSCua85555.
2014-04-10
5.0
CVE-2014-2128
cisco -- ons_15454
The session-termination functionality on Cisco ONS 15454 controller cards with software 9.6 and earlier does not initialize an unspecified pointer, which allows remote authenticated users to cause a denial of service (card reset) via crafted session-close actions, aka Bug ID CSCug97416.
2014-04-10
4.0
CVE-2014-2141
cisco -- ios_xr
Cisco IOS XR does not properly throttle ICMPv6 redirect packets, which allows remote attackers to cause a denial of service (IPv4 and IPv6 transit outage) via crafted redirect messages, aka Bug ID CSCum14266.
2014-04-05
6.1
CVE-2014-2144
cisco -- unity_connection
Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for .wav files and the audio/x-wav MIME type, aka Bug ID CSCun91071.
2014-04-05
4.0
CVE-2014-2145
clip-bucket -- clipbucket
Cross-site scripting (XSS) vulnerability in ClipBucket 2.6 allows remote attackers to inject arbitrary web script or HTML via the type parameter to view_channel.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
2014-04-08
4.3
CVE-2012-6642
clip-bucket -- clipbucket
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.
2014-04-08
4.3
CVE-2012-6644
cms_tree_page_view_project -- cms_tree_page_view
Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head function in functions.php in the CMS Tree Page View plugin before 0.8.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cms_tpv_view parameter to wp-admin/options-general.php.
2014-04-07
4.3
CVE-2012-1834
danielb -- finder
Cross-site scripting (XSS) vulnerability in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the "checkbox and radio button functionalities."
2014-04-08
4.3
CVE-2012-1561
danielb -- finder
Cross-site scripting (XSS) vulnerability in the autocomplete functionality in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote attackers to inject arbitrary web script or HTML via the title of a node, a different vulnerability than CVE-2012-1561.
2014-04-08
4.3
CVE-2012-6645
david_paleino -- wicd
The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message.
2014-04-07
6.9
CVE-2012-2095
dell -- openmanage_server_administrator
Open redirect vulnerability in Dell OpenManage Server Administrator (OMSA) before 7.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the file parameter to HelpViewer.
2014-04-10
5.8
CVE-2013-0740
dvs_custom_notification_project -- dvs_custom_notification
Multiple cross-site request forgery (CSRF) vulnerabilities in the DVS Custom Notification plugin 1.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change application settings or (2) conduct cross-site scripting (XSS) attacks.
2014-04-10
6.8
CVE-2012-4921
fortinet -- fortiadc-1000e
Cross-site scripting (XSS) vulnerability in the web administration interface in FortiADC with firmware before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the locale parameter to gui_partA/.
2014-04-10
4.3
CVE-2014-0331
google -- chrome
The base64DecodeInternal function in wtf/text/Base64.cpp in Blink, as used in Google Chrome before 34.0.1847.116, does not properly handle string data composed exclusively of whitespace characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via a window.atob method call.
2014-04-09
5.0
CVE-2014-1725
google -- chrome
The drag implementation in Google Chrome before 34.0.1847.116 allows user-assisted remote attackers to bypass the Same Origin Policy and forge local pathnames by leveraging renderer access.
2014-04-09
4.3
CVE-2014-1726
horde -- groupware
Cross-site scripting (XSS) vulnerability in js/compose-dimp.js in Horde Internet Mail Program (IMP) before 5.0.24, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web script or HTML via a crafted name for an attached file, related to the dynamic view.
2014-04-05
4.3
CVE-2012-5565
horde -- groupware
Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.17, as used in Horde Groupware Webmail Edition before 4.0.8, allow remote attackers to inject arbitrary web script or HTML via the (1) tasks view or (2) search view.
2014-04-05
4.3
CVE-2012-5566
horde -- groupware
Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.18, as used in Horde Groupware Webmail Edition before 4.0.9, allow remote attackers to inject arbitrary web script or HTML via crafted event location parameters in the (1) month, (2) monthlist, or (3) prevmonthlist fields, related to portal blocks.
2014-04-05
4.3
CVE-2012-5567
horde -- groupware
Cross-site scripting (XSS) vulnerability in Horde Internet Mail Program (IMP) before 5.0.22, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web script or HTML via a crafted SVG image attachment, a different vulnerability than CVE-2012-5565.
2014-04-05
4.3
CVE-2012-6640
hp -- icewall_identity_manager
Unspecified vulnerability in HP IceWall Identity Manager 4.0 through SP1 and 5.0 and IceWall SSO 10.0 Password Reset Option, when Apache Commons FileUpload is used, allows remote authenticated users to cause a denial of service via unknown vectors.
2014-04-05
4.0
CVE-2014-2600
huawei -- echo_life
Cross-site scripting (XSS) vulnerability in the web interface on Huawei Echo Life HG8247 routers with software before V100R006C00SPC127 allows remote attackers to inject arbitrary web script or HTML via an invalid TELNET connection attempt with a crafted username that is not properly handled during construction of the "failed log-in attempts over telnet" log view.
2014-04-05
4.3
CVE-2014-0337
ibm -- optim_workload_replay
Cross-site scripting (XSS) vulnerability in IBM InfoSphere Optim Workload Replay 1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
2014-04-05
4.3
CVE-2014-0827
ibm -- business_process_manager
The User Attribute implementation in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.2, and 8.5.x through 8.5.0.1 does not verify authorization for read or write access to attribute values, which allows remote authenticated users to obtain sensitive information, configure e-mail notifications, or modify task assignments via REST API calls.
2014-04-10
6.0
CVE-2014-0908
ibm -- spss_analytic_server
IBM SPSS Analytic Server 1.0 before IF002 and 1.0.1 before IF004 logs cleartext passwords, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
2014-04-10
4.0
CVE-2014-0920
jeremy_massel -- underconstruction
Cross-site request forgery (CSRF) vulnerability in the underConstruction plugin before 1.09 for WordPress allows remote attackers to hijack the authentication of administrators for requests that deactivate a plugin via unspecified vectors.
2014-04-10
6.8
CVE-2013-2699
kernel -- linux-pam
Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create aribitrary files or possibly bypass authentication via a .. (dot dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY value to the check_tty funtion, which is used by the format_timestamp_name function.
2014-04-10
5.8
CVE-2014-2583
lee_howard -- hylafax+
Heap-based buffer overflow in hfaxd in HylaFAX+ 5.2.4 through 5.5.3, when using LDAP authentication, might allow remote attackers to cause a denial of service (child hang) or execute arbitrary code via a long USER command.
2014-04-06
6.8
CVE-2013-5680
lesterchan -- wp-postviews
Cross-site request forgery (CSRF) vulnerability in the options admin page in the WP-PostViews plugin before 1.63 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors.
2014-04-10
6.8
CVE-2013-3252
microsoft -- windows_7
Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka "Windows File Handling Vulnerability."
2014-04-08
6.9
CVE-2014-0315
microsoft -- office
The XML parser in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013, and Office for Mac 2011, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption and persistent application hang) via a crafted XML document containing a large number of nested entity references, as demonstrated by a crafted text/plain e-mail message to Outlook, a similar issue to CVE-2003-1564.
2014-04-05
5.0
CVE-2014-2730
openssl -- openssl
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
2014-04-07
5.0
CVE-2014-0160
prestashop -- prestashop
Cross-site scripting (XSS) vulnerability in redirect.php in the Socolissimo module (modules/socolissimo/) in PrestaShop before 1.4.7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to "parameter names and values."
2014-04-07
4.3
CVE-2012-6641
prosody -- prosody
Prosody before 0.9.4, when mod_compression is enabled, allows remote attackers to cause a denial of service (resource consumption) via compressed XML elements in an XMPP stream, aka "zip bomb" attack.
2014-04-10
<a href="http://nvd.