The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adrotateplugin -- adrotate | SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter. | 2014-02-27 | 7.5 | CVE-2014-1854 |
| apple -- quicktime | Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file. | 2014-02-26 | 9.3 | CVE-2014-1243 |
| apple -- quicktime | Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. | 2014-02-26 | 9.3 | CVE-2014-1244 |
| apple -- quicktime | Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file. | 2014-02-26 | 9.3 | CVE-2014-1245 |
| apple -- quicktime | Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file. | 2014-02-26 | 9.3 | CVE-2014-1246 |
| apple -- quicktime | Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted dref atom in a movie file. | 2014-02-26 | 9.3 | CVE-2014-1247 |
| apple -- quicktime | Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ldat atom in a movie file. | 2014-02-26 | 9.3 | CVE-2014-1248 |
| apple -- quicktime | Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PSD image. | 2014-02-26 | 9.3 | CVE-2014-1249 |
| apple -- quicktime | Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file. | 2014-02-26 | 9.3 | CVE-2014-1250 |
| apple -- quicktime | Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted clef atom in a movie file. | 2014-02-26 | 9.3 | CVE-2014-1251 |
| apple -- mac_os_x | Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properly validate calls to the free function, which allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages. | 2014-02-26 | 7.5 | CVE-2014-1255 |
| apple -- mac_os_x | Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages. | 2014-02-26 | 7.5 | CVE-2014-1256 |
| apple -- mac_os_x | Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font. | 2014-02-26 | 7.5 | CVE-2014-1261 |
| apple -- mac_os_x | Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption. | 2014-02-26 | 7.5 | CVE-2014-1262 |
| autodesk -- autocad | Autodesk AutoCAD before 2014 allows remote attackers to execute arbitrary VBScript code via a crafted FAS file search path. | 2014-02-22 | 7.5 | CVE-2014-0818 |
| belkin -- wemo_home_automation_firmware | The peerAddresses API in Belkin WeMo Home Automation firmware before 3949 allows remote attackers to conduct XML injection attacks and read arbitrary files via unspecified vectors. | 2014-02-22 | 7.8 | CVE-2013-6948 |
| belkin -- wemo_home_automation_firmware | The Belkin WeMo Home Automation firmware before 3949 does not properly restrict the use of STUN and TURN proxies, which allows man-in-the-middle attackers to bypass intended access restrictions via crafted packets. | 2014-02-22 | 9.3 | CVE-2013-6949 |
| belkin -- wemo_home_automation_firmware | The Belkin WeMo Home Automation firmware before 3949 does not use SSL for the distribution feed, which allows remote attackers to obtain sensitive information by sniffing the network. | 2014-02-22 | 7.8 | CVE-2013-6950 |
| belkin -- wemo_home_automation_firmware | The Belkin WeMo Home Automation firmware before 3949 does not maintain a set of Certification Authority public keys, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary X.509 certificate. | 2014-02-22 | 7.1 | CVE-2013-6951 |
| belkin -- wemo_home_automation_firmware | The Belkin WeMo Home Automation firmware before 3949 has a hardcoded key, which makes it easier for remote attackers to spoof firmware updates and execute arbitrary code via crafted signed data. | 2014-02-22 | 10.0 | CVE-2013-6952 |
| cisco -- prime_infrastructure | Cisco Prime Infrastructure 1.2 and 1.3 before 1.3.0.20-2, 1.4 before 1.4.0.45-2, and 2.0 before 2.0.0.0.294-2 allows remote authenticated users to execute arbitrary commands with root privileges via an unspecified URL, aka Bug ID CSCum71308. | 2014-02-27 | 9.0 | CVE-2014-0679 |
| cisco -- ucs_director | Cisco UCS Director (formerly Cisco Cloupia) before 4.0.0.3 has a default root account, which allows remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930. | 2014-02-22 | 9.3 | CVE-2014-0709 |
| cisco -- firewall_services_module_software | Race condition in the cut-through proxy feature in Cisco Firewall Services Module (FWSM) Software 3.x before 3.2(28) and 4.x before 4.1(15) allows remote attackers to cause a denial of service (device reload) via certain matching traffic, aka Bug ID CSCuj16824. | 2014-02-22 | 7.1 | CVE-2014-0710 |
| cisco -- ips_sensor_software | The produce-verbose-alert feature in Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via fragmented packets, aka Bug ID CSCui91266. | 2014-02-22 | 7.1 | CVE-2014-0718 |
| cisco -- ips_sensor_software | The control-plane access-list implementation in MainApp in Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (process outage) via crafted packets to TCP port 7000, aka Bug ID CSCui67394. | 2014-02-22 | 7.8 | CVE-2014-0719 |
| cisco -- ips_sensor_software | Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via a flood of jumbo frames, aka Bug ID CSCuh94944. | 2014-02-22 | 7.1 | CVE-2014-0720 |
| cisco -- unified_sip_phone_3905 | Cisco Unified SIP Phone 3905 allows remote attackers to obtain root access via a session on the test interface on TCP port 7870, aka Bug ID CSCuh75574. | 2014-02-22 | 10.0 | CVE-2014-0721 |
| google -- chrome | Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for .. (dot dot) sequences or (2) lack of use of the \\?\ protection mechanism. | 2014-02-23 | 7.5 | CVE-2013-6652 |
| google -- chrome | Use-after-free vulnerability in the web contents implementation in Google Chrome before 33.0.1750.117 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attempted conflicting access to the color chooser. | 2014-02-23 | 7.5 | CVE-2013-6653 |
| google -- chrome | The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which allows remote attackers to cause a denial of service (incorrect cast) or possibly have unspecified other impact via unknown vectors. | 2014-02-23 | 7.5 | CVE-2013-6654 |
| google -- chrome | Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper handling of overflowchanged DOM events during interaction between JavaScript and layout. | 2014-02-23 | 7.5 | CVE-2013-6655 |
| google -- chrome | Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving (1) running JavaScript code during execution of the updateWidgetPositions function or (2) making a call into a plugin during execution of the updateWidgetPositions function. | 2014-02-23 | 7.5 | CVE-2013-6658 |
| google -- chrome | Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknown vectors. | 2014-02-23 | 7.5 | CVE-2013-6661 |
| hp -- storevirtual_virtual_storage_appliance | Unspecified vulnerability in dbd_manager in LeftHand OS before 11.0 in HP StoreVirtual 4000 and StoreVirtual VSA Software (formerly LeftHand Virtual SAN Appliance) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1509. | 2014-02-26 | 10.0 | CVE-2013-4841 |
| hp -- application_information_optimizer | The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-1656. | 2014-02-26 | 7.5 | CVE-2013-6203 |
| hp -- application_information_optimizer | The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-2004. | 2014-02-26 | 7.5 | CVE-2013-6204 |
| i-doit -- i-doit | SQL injection vulnerability in the CMDB web application in synetics i-doit pro before 1.2.5 and i-doit open allows remote attackers to execute arbitrary SQL commands via the objID parameter to the default URI. | 2014-02-27 | 7.5 | CVE-2014-1597 |
| iconics -- genesis32 | An ActiveX control in GenLaunch.htm in ICONICS GENESIS32 8.0, 8.02, 8.04, and 8.05 allows remote attackers to execute arbitrary programs via a crafted HTML document. | 2014-02-23 | 9.3 | CVE-2014-0758 |
| mitsubishielectric -- mc-worx_suite | An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click. | 2014-02-23 | 9.3 | CVE-2013-2817 |
| norman -- security_suite | Unspecified vulnerability in Norman Security Suite 10.1 and earlier allows local users to gain privileges via unknown vectors. | 2014-02-26 | 7.2 | CVE-2014-0816 |
| schneider-electric -- citectscada | Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet. | 2014-02-26 | 7.8 | CVE-2013-2824 |
| siemens -- ruggedcom_rugged_operating_system | The SNMP implementation in Siemens RuggedCom ROS before 3.11, ROS 3.11 for RS950G, ROS 3.12 before 3.12.4, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (device outage) via crafted packets. | 2014-02-23 | 7.8 | CVE-2014-1966 |
| suse -- studio_extension_for_system_z | SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors. | 2014-02-26 | 7.5 | CVE-2013-3712 |
| tibco -- enterprise_administrator | TIBCO Enterprise Administrator 1.0.0 and Enterprise Administrator SDK 1.0.0 do not properly enforce administrative authentication requirements, which allows remote attackers to execute arbitrary commands via unspecified vectors. | 2014-02-27 | 10.0 | CVE-2014-2075 |
Medium Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| 7andi-fs.co -- denny's | The Denny's application before 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2014-02-26 | 5.8 | CVE-2014-1967 |
| apache -- tomcat | Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header. NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090. | 2014-02-26 | 5.8 | CVE-2013-4286 |
| apache -- tomcat | Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544. | 2014-02-26 | 4.3 | CVE-2013-4322 |
| apache -- tomcat | Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 2014-02-26 | 4.3 | CVE-2013-4590 |
| apache -- tomcat | org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat 6.0.33 through 6.0.37 does not consider the disableURLRewriting setting when handling a session ID in a URL, which allows remote attackers to conduct session fixation attacks via a crafted URL. | 2014-02-26 | 4.3 | CVE-2014-0033 |
| apple -- mac_os_x | Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in a document. | 2014-02-26 | 6.8 | CVE-2014-1254 |
| apple -- mac_os_x | Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image. | 2014-02-26 | 6.8 | CVE-2014-1258 |
| apple -- mac_os_x | Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename. | 2014-02-26 | 6.8 | CVE-2014-1259 |
| apple -- mac_os_x | QuickLook in Apple OS X through 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document. | 2014-02-26 | 6.8 | CVE-2014-1260 |
| apple -- mac_os_x | curl in Apple OS X 10.9.x before 10.9.2 does not verify X.509 certificates from HTTPS servers that are accessed using a numerical IP address, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. | 2014-02-26 | 4.3 | CVE-2014-1263 |
| apple -- mac_os_x | Finder in Apple OS X before 10.9.2 does not ensure ACL integrity after the viewing of file ACL information, which allows local users to bypass intended access restrictions in opportunistic circumstances via standard filesystem operations on a file with a damaged ACL. | 2014-02-26 | 4.4 | CVE-2014-1264 |
| apple -- mac_os_x | The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock. | 2014-02-26 | 4.6 | CVE-2014-1265 |
| apple -- apple_tv | The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step. | 2014-02-22 | 6.8 | CVE-2014-1266 |
| apple -- safari | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270. | 2014-02-26 | 6.8 | CVE-2014-1268 |
| apple -- safari | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270. | 2014-02-26 | 6.8 | CVE-2014-1269 |
| apple -- safari | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269. | 2014-02-26 | 6.8 | CVE-2014-1270 |
| autodesk -- autocad | Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | 2014-02-22 | 4.4 | CVE-2014-0819 |
| blackboard -- vista/ce | Cross-site scripting (XSS) vulnerability in Blackboard Vista/CE 8.0 SP6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2014-02-22 | 4.3 | CVE-2014-0811 |
| cisco -- unified_computing_system_central_software | Cisco Unified Computing System (UCS) Central Software 1.1 and earlier allows local users to gain privileges via a CLI copy command in a local-mgmt context, aka Bug ID CSCul53128. | 2014-02-22 | 6.8 | CVE-2014-0730 |
| cisco -- unified_communications_manager | The administration interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and read Java .class files via a direct request, aka Bug ID CSCum46497. | 2014-02-22 | 5.0 | CVE-2014-0731 |
| cisco -- unified_ip_phone_7960g | Cisco Unified IP Phone 7960G allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List (CTL) file, aka Bug ID CSCuj66795. | 2014-02-22 | 4.3 | CVE-2014-0737 |
| cisco -- adaptive_security_appliance_software | The Phone Proxy component in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List (CTL) file, aka Bug ID CSCuj66770. | 2014-02-22 | 4.3 | CVE-2014-0738 |
| cisco -- adaptive_security_appliance_software | Race condition in the Phone Proxy component in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to bypass sec_db authentication and provide certain pass-through services to untrusted devices via a crafted configuration-file TFTP request, aka Bug ID CSCuj66766. | 2014-02-22 | 4.3 | CVE-2014-0739 |
| cisco -- unified_communications_manager | Cross-site request forgery (CSRF) vulnerability in the Call Detail Records Analysis and Reporting (CAR) interface in the OS Administration component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to hijack the authentication of administrators for requests that make administrative changes, aka Bug ID CSCun00701. | 2014-02-26 | 4.3 | CVE-2014-0740 |
| cisco -- unified_communications_manager | The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461. | 2014-02-26 | 6.2 | CVE-2014-0741 |
| cisco -- unified_communications_manager | The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464. | 2014-02-26 | 6.2 | CVE-2014-0742 |
| cisco -- unified_communications_manager | The Certificate Authority Proxy Function (CAPF) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and modify registered-device information via crafted data, aka Bug ID CSCum95468. | 2014-02-26 | 5.0 | CVE-2014-0743 |
| cisco -- unified_contact_center_express_editor_software | Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability subsystem in Cisco Unified Contact Center Express (Unified CCX) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCum95502. | 2014-02-26 | 6.8 | CVE-2014-0745 |
| cisco -- unified_contact_center_express_editor_software | The disaster recovery system (DRS) in Cisco Unified Contact Center Express (Unified CCX) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCum95536. | 2014-02-26 | 4.0 | CVE-2014-0746 |
| cisco -- unified_communications_manager | The Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to inject commands via unspecified CAPF programs, aka Bug ID CSCum95493. | 2014-02-26 | 6.8 | CVE-2014-0747 |
| cisco -- unified_contact_center_express_editor_software | Cisco Unified Contact Center Express (Unified CCX) does not properly restrict the content of the CCMConfig page, which allows remote authenticated users to obtain sensitive information by examining this content, aka Bug ID CSCum95575. | 2014-02-26 | 4.0 | CVE-2014-2102 |
| cisco -- intrusion_prevention_system | Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309. | 2014-02-27 | 6.8 | CVE-2014-2103 |
| cybozu -- garoon | Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 does not properly manage sessions, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors. | 2014-02-26 | 4.9 | CVE-2014-0817 |
| cybozu -- garoon | Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors. | 2014-02-26 | 4.0 | CVE-2014-0820 |
| cybozu -- garoon | SQL injection vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6930 and CVE-2013-6931. | 2014-02-26 | 6.8 | CVE-2014-0821 |
| google -- chrome | The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which allows remote attackers to obtain sensitive information via unspecified vectors. | 2014-02-23 | 5.0 | CVE-2013-6656 |
| google -- chrome | core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. | 2014-02-23 | 6.4 | CVE-2013-6657 |
| google -- chrome | The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to trigger use of a new certificate chain, inconsistent with the user's expectations, by initiating a TLS renegotiation. | 2014-02-23 | 6.4 | CVE-2013-6659 |
| google -- chrome | The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site. | 2014-02-23 | 5.0 | CVE-2013-6660 |
| hp -- service_manager | Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) insert XSS sequences or (2) execute arbitrary code. | 2014-02-23 | 6.8 | CVE-2013-6202 |
| i-doit -- i-doit | Cross-site scripting (XSS) vulnerability in the API in synetics i-doit pro before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via a property title. | 2014-02-27 | 4.3 | CVE-2014-2231 |
| ibm -- netezza_performance_portal | IBM Netezza Performance Portal 2.x before 2.0.0.3 allows remote authenticated users to change arbitrary passwords via an HTTP POST request. | 2014-02-26 | 4.0 | CVE-2013-6731 |
| ibm -- cognos_business_intelligence | Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence (BI) 10.1 before IF6 and 10.2 before IF7 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter. | 2014-02-22 | 4.3 | CVE-2013-6732 |
| ibm -- rational_focal_point | IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to modify data via vectors involving a direct object reference. | 2014-02-25 | 4.0 | CVE-2014-0839 |
| ibm -- rational_focal_point | The account-creation functionality in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 places the new user's default password within the creation page, which allows remote attackers to obtain sensitive information by reading the HTML source code. | 2014-02-25 | 5.0 | CVE-2014-0842 |
| ibm -- cognos_business_intelligence | The server in IBM Cognos Business Intelligence (BI) 10.1 before IF6 and 10.2 before IF7 allows remote attackers to read arbitrary files via a crafted DOCTYPE declaration in an XML document. | 2014-02-22 | 5.0 | CVE-2014-0854 |
| icinga -- icinga | Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service (segmentation fault) via a long message to cmd.cgi. | 2014-02-28 | 5.0 | CVE-2014-1878 |
| ikiwiki_hosting_project -- ikiwiki_hosting | Multiple cross-site scripting (XSS) vulnerabilities in the site creation interface in ikiwiki-hosting before 0.20131025 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2014-02-25 | 4.3 | CVE-2013-6047 |
| interworx -- web_control_panel | Cross-site scripting (XSS) vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.13 build 574 allows remote attackers to inject arbitrary web script or HTML via the i parameter. | 2014-02-27 | 4.3 | CVE-2014-2035 |
| libpng -- libpng | The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero. | 2014-02-27 | 5.0 | CVE-2014-0333 |
| linux -- linux_kernel | The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer. | 2014-02-28 | 6.2 | CVE-2014-0069 |
| linux -- linux_kernel | The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context. | 2014-02-28 | 4.4 | CVE-2014-1874 |
| linux -- linux_kernel | arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service (system crash) by executing a crafted instruction. | 2014-02-28 | 4.9 | CVE-2014-2039 |
| martin_nagy -- bind-dyndb-ldap | The handle_connection_error function in ldap_helper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service (infinite loop and named server hang) via a non-alphabet character in the base DN in an LDAP search DNS query. | 2014-02-26 | 4.3 | CVE-2012-2134 |
| mcafee -- epolicy_orchestrator | The Import and Export Framework in McAfee ePolicy Orchestrator (ePO) before 4.6.7 Hotfix 940148 allows remote authenticated users with permissions to add dashboards to read arbitrary files by importing a crafted XML file, related to an XML External Entity (XXE) issue. | 2014-02-26 | 6.3 | CVE-2014-2205 |
| microsoft -- internet_explorer | The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and exploited in the wild in February 2014. | 2014-02-26 | 5.8 | CVE-2013-7331 |
| microsoft -- windows_8 | The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | 2014-02-26 | 5.0 | CVE-2013-7332 |
| qemu -- qemu | Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VSC_ATR message. | 2014-02-26 | 6.8 | CVE-2011-4111 |
| redhat -- jboss_enterprise_portal_platform | Open redirect vulnerability in Red Hat JBoss Enterprise Portal Platform before 5.2.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the initialURI parameter. | 2014-02-26 | 4.3 | CVE-2011-2941 |
| redhat -- jboss_enterprise_portal_platform | Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss Enterprise Portal Platform before 5.2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2014-02-26 | 4.3 | CVE-2011-4580 |
| riken -- xoonips | Cross-site scripting (XSS) vulnerability in the XooNIps module 3.47 and earlier for XOOPS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2014-02-26 | 4.3 | CVE-2014-1968 |
| schneider-electric -- floating_license_manager | Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character. | 2014-02-28 | 6.9 | CVE-2014-0759 |
| schneider-electric -- ofs_test_client_tlxcdlfofs33 | Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file. | 2014-02-28 | 6.9 | CVE-2014-0774 |
| telligent -- evolution | Cross-site scripting (XSS) vulnerability in controlpanel/loading.aspx in Telligent Evolution before 6.1.19.36103, 7.x before 7.1.12.36162, 7.5.x, and 7.6.x before 7.6.7.36651 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: some of these details are obtained from third party information. | 2014-02-27 | 4.3 | CVE-2014-1223 |
Low Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| apple -- mac_os_x | CFNetwork in Apple OS X through 10.8.5 does not remove session cookies upon a Safari reset action, which allows physically proximate attackers to bypass intended access restrictions by leveraging an unattended workstation. | 2014-02-26 | 3.6 | CVE-2014-1257 |
| catfish_project -- catfish | Untrusted search path vulnerability in Catfish through 0.4.0.3 allows local users to gain privileges via a Trojan horse catfish.py in the current working directory. | 2014-02-26 | 1.9 | CVE-2014-2093 |
| catfish_project -- catfish | Untrusted search path vulnerability in Catfish through 0.4.0.3, when a Fedora package such as 0.4.0.2-2 is not used, allows local users to gain privileges via a Trojan horse catfish.pyc in the current working directory. | 2014-02-26 | 1.9 | CVE-2014-2094 |
| catfish_project -- catfish | Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0, when a Fedora package such as 0.8.2-1 is not used, allows local users to gain privileges via a Trojan horse bin/catfish.pyc under the current working directory. | 2014-02-26 | 1.9 | CVE-2014-2095 |
| catfish_project -- catfish | Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0 allows local users to gain privileges via a Trojan horse bin/catfish.py under the current working directory. | 2014-02-26 | 1.9 | CVE-2014-2096 |
| emberjs -- ember.js | Cross-site scripting (XSS) vulnerability in the link-to helper in Ember.js 1.2.x before 1.2.2, 1.3.x before 1.3.2, and 1.4.x before 1.4.0-beta.6, when used in non-block form, allows remote attackers to inject arbitrary web script or HTML via the title attribute. | 2014-02-27 | 2.6 | CVE-2014-0046 |
| ibm -- websphere_extreme_scale_client | IBM WebSphere eXtreme Scale Client through 8.6.0 does not properly isolate the cached data of different users, which allows remote authenticated users to obtain sensitive information in opportunistic circumstances by leveraging access to the same web container. | 2014-02-22 | 3.5 | CVE-2013-6734 |
| ibm -- rational_focal_point | Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 2014-02-25 | 3.5 | CVE-2014-0840 |
| ibm -- rational_focal_point | Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to inject arbitrary web script or HTML by uploading a file. | 2014-02-25 | 3.5 | CVE-2014-0843 |
| ibm -- rational_focal_point | Multiple cross-site scripting (XSS) vulnerabilities in the (1) ForwardController and (2) AttributeEditor scripts in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 2014-02-25 | 3.5 | CVE-2014-0853 |
| ibm -- content_navigator | IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to bypass intended access restrictions and conduct deleteAction attacks via a modified URL. | 2014-02-27 | 3.5 | CVE-2014-0858 |
| ibm -- cognos_business_intelligence | Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence (BI) 10.1 before IF6 and 10.2 before IF7 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter that is not properly handled during use of the back/return button. | 2014-02-22 | 3.5 | CVE-2014-0861 |
| ibm -- content_navigator | Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter. | 2014-02-28 | 3.5 | CVE-2014-0874 |
| linux -- linux_kernel | The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature. | 2014-02-28 | 2.6 | CVE-2014-1690 |
| linux -- linux_kernel | The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by writing to a file in an NFS filesystem and then reading the same file. | 2014-02-28 | 3.7 | CVE-2014-2038 |
| linux-nfs -- nfs-utils | The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. | 2014-02-26 | 1.9 | CVE-2011-1749 |
| redhat -- jboss_enterprise_application_platform | The security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by reading the log files. | 2014-02-26 | 1.9 | CVE-2014-0058 |
'IT 와 Social 이야기 > Security' 카테고리의 다른 글
| [Hurricane Labs] Big Data, Security Intelligence (0) | 2014.03.07 |
|---|---|
| [anupriti] Big Data and Security Challenges (0) | 2014.03.07 |
| [US-CERT: Bulletin (SB14-055)] 2014년 2월 14일 까지 공개된 보안 취약점 (0) | 2014.02.25 |
| [BrightTALK] 2014: The year ahead in cyber security (0) | 2014.01.17 |
| 사이버 범죄의 비즈니스 모델들 (0) | 2013.09.26 |