원본기사확인하기: [US-CERT: Bulletin(SB14-322)] 2014년 11월 10일까지 발표된 보안 취약점
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
-
High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
-
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
-
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adobe -- air | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0588 and CVE-2014-8438. | 2014-11-11 | 10.0 | CVE-2014-0573 |
adobe -- air | Double free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors. | 2014-11-11 | 10.0 | CVE-2014-0574 |
adobe -- air | Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0581, CVE-2014-8440, and CVE-2014-8441. | 2014-11-11 | 10.0 | CVE-2014-0576 |
adobe -- air | Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590. | 2014-11-11 | 10.0 | CVE-2014-0577 |
adobe -- air | Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-8440, and CVE-2014-8441. | 2014-11-11 | 10.0 | CVE-2014-0581 |
adobe -- air | Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0589. | 2014-11-11 | 10.0 | CVE-2014-0582 |
adobe -- air | Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to complete a transition from Low Integrity to Medium Integrity via unspecified vectors. | 2014-11-11 | 7.5 | CVE-2014-0583 |
adobe -- air | Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590. | 2014-11-11 | 10.0 | CVE-2014-0584 |
adobe -- air | Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0586, and CVE-2014-0590. | 2014-11-11 | 10.0 | CVE-2014-0585 |
adobe -- air | Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, and CVE-2014-0590. | 2014-11-11 | 10.0 | CVE-2014-0586 |
adobe -- air | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0573 and CVE-2014-8438. | 2014-11-11 | 10.0 | CVE-2014-0588 |
adobe -- air | Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0582. | 2014-11-11 | 10.0 | CVE-2014-0589 |
adobe -- air | Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, and CVE-2014-0586. | 2014-11-11 | 10.0 | CVE-2014-0590 |
adobe -- air | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0573 and CVE-2014-0588. | 2014-11-11 | 10.0 | CVE-2014-8438 |
adobe -- air | Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-0581, and CVE-2014-8441. | 2014-11-11 | 10.0 | CVE-2014-8440 |
adobe -- air | Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-0581, and CVE-2014-8440. | 2014-11-11 | 10.0 | CVE-2014-8441 |
adobe -- air | Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to complete a transition from Low Integrity to Medium Integrity by leveraging incorrect permissions. | 2014-11-11 | 7.5 | CVE-2014-8442 |
apache -- mod_auth_mellon | The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request. | 2014-11-14 | 9.4 | CVE-2014-8567 MLIST CONFIRM |
belkin -- n750_wireless_router | Buffer overflow in login.cgi in MiniHttpd in Belkin N750 Router with firmware before F9K1103_WW_1.10.17m allows remote attackers to execute arbitrary code via a long sting in the jump parameter. | 2014-11-12 | 10.0 | CVE-2014-1635 MISC MISC BID EXPLOIT-DB OSVDB |
checkpoint -- security_gateway | Unspecified vulnerability in Check Point Security Gateway R77 and R77.10, when the (1) URL Filtering or (2) Identity Awareness blade is used, allows remote attackers to cause a denial of service (crash) via vectors involving an HTTPS request. | 2014-11-16 | 7.1 | CVE-2014-8950 CONFIRM SECUNIA |
checkpoint -- security_gateway | Unspecified vulnerability in Check Point Security Gateway R75, R76, R77, and R77.10, when UserCheck is enabled and the (1) Application Control, (2) URL Filtering, (3) DLP, (4) Threat Emulation, (5) Anti-Bot, or (6) Anti-Virus blade is used, allows remote attackers to cause a denial of service (fwk0 process crash, core dump, and restart) via a redirect to the UserCheck page. | 2014-11-16 | 7.1 | CVE-2014-8951 SECUNIA |
checkpoint -- security_gateway | Multiple unspecified vulnerabilities in Check Point Security Gateway R75.40VS, R75.45, R75.46, R75.47, R76, R77, and R77.10, when the (1) IPS blade, (2) IPsec Remote Access, (3) Mobile Access / SSL VPN blade, (4) SSL Network Extender, (5) Identify Awareness blade, (6) HTTPS Inspection, (7) UserCheck, or (8) Data Leak Prevention blade module is enabled, allow remote attackers to cause a denial of service ("stability issue") via an unspecified "traffic condition." | 2014-11-16 | 7.1 | CVE-2014-8952 SECUNIA |
cisco -- ios | Cisco IOS on Aironet access points, when "dot11 aaa authenticator" debugging is enabled, allows remote attackers to cause a denial of service via a malformed EAP packet, aka Bug ID CSCul15509. | 2014-11-14 | 7.1 | CVE-2014-7998 |
freerdp_project -- freerdp | Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated. | 2014-11-16 | 10.0 | CVE-2014-0250 CONFIRM BID MLIST SUSE |
hp -- helion_cloud_development_ |
The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers' installations, which allows remote attackers to execute arbitrary code by leveraging these keys for a connection. | 2014-11-13 | 10.0 | CVE-2014-7878 |
huawei -- ec156 | Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory. | 2014-11-13 | 7.2 | CVE-2014-8359 XF BID MISC MISC |
libreoffice -- libreoffice | Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599. | 2014-11-07 | 7.5 | CVE-2014-3693 SECUNIA SECUNIA |
linux -- linux_kernel | The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c. | 2014-11-10 | 7.8 | CVE-2014-3673 CONFIRM CONFIRM CONFIRM |
linux -- linux_kernel | The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter. | 2014-11-10 | 7.8 | CVE-2014-3687 CONFIRM CONFIRM CONFIRM |
magentocommerce -- magmi | Unrestricted file upload vulnerability in magmi/web/magmi.php in the MAGMI (aka Magento Mass Importer) plugin 0.7.17a and earlier for Magento Community Edition (CE) allows remote authenticated users to execute arbitrary code by uploading a ZIP file that contains a PHP file, then accessing the PHP file via a direct request to it in magmi/plugins/. | 2014-11-13 | 9.0 | CVE-2014-8770 EXPLOIT-DB OSVDB |
mantisbt -- mantisbt | SQL injection vulnerability in the mc_project_get_attachments function in api/soap/mc_project_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary SQL commands via the project_id parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1609. | 2014-11-13 | 7.5 | CVE-2014-8554 XF BID CONFIRM MLIST MLIST |
microsoft -- windows_server_2003 | Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability." | 2014-11-11 | 7.2 | CVE-2014-4076 |
microsoft -- office | Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanese) Elevation of Privilege Vulnerability," as exploited in the wild in 2014. | 2014-11-11 | 9.3 | CVE-2014-4077 |
microsoft -- xml_core_services | XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (system-state corruption) via crafted XML content, aka "MSXML Remote Code Execution Vulnerability." | 2014-11-11 | 9.3 | CVE-2014-4118 |
microsoft -- internet_explorer | Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6341. | 2014-11-11 | 9.3 | CVE-2014-4143 |
microsoft -- .net_framework | Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka "TypeFilterLevel Vulnerability." | 2014-11-11 | 9.3 | CVE-2014-4149 |
microsoft -- windows_7 | Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (reboot) via a crafted TrueType font, aka "Denial of Service in Windows Kernel Mode Driver Vulnerability." | 2014-11-11 | 7.1 | CVE-2014-6317 MS CONFIRM |
microsoft -- windows_7 | Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via crafted packets, aka "Microsoft Schannel Remote Code Execution Vulnerability." | 2014-11-11 | 10.0 | CVE-2014-6321 |
microsoft -- windows_7 | OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows OLE Automation Array Remote Code Execution Vulnerability." | 2014-11-11 | 9.3 | CVE-2014-6332 |
microsoft -- office_compatibility_pack | Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Double Delete Remote Code Execution Vulnerability." | 2014-11-11 | 9.3 | CVE-2014-6333 |
microsoft -- office_compatibility_pack | Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Bad Index Remote Code Execution Vulnerability." | 2014-11-11 | 9.3 | CVE-2014-6334 |
microsoft -- office_compatibility_pack | Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Invalid Pointer Remote Code Execution Vulnerability." | 2014-11-11 | 9.3 | CVE-2014-6335 |
microsoft -- internet_explorer | Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 2014-11-11 | 9.3 | CVE-2014-6337 |
microsoft -- internet_explorer | Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4143. | 2014-11-11 | 9.3 | CVE-2014-6341 |
microsoft -- internet_explorer | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6348. | 2014-11-11 | 9.3 | CVE-2014-6342 |
microsoft -- internet_explorer | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 2014-11-11 | 9.3 | CVE-2014-6343 |
microsoft -- internet_explorer | Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 2014-11-11 | 9.3 | CVE-2014-6344 |
microsoft -- internet_explorer | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 2014-11-11 | 9.3 | CVE-2014-6347 |
microsoft -- internet_explorer | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6342. | 2014-11-11 | 9.3 | CVE-2014-6348 |
microsoft -- internet_explorer | Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 2014-11-11 | 9.3 | CVE-2014-6351 |
microsoft -- internet_explorer | Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 2014-11-11 | 9.3 | CVE-2014-6353 |
netbsd -- netbsd | The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect. | 2014-11-17 | 7.5 | CVE-2014-8517 SECUNIA SECUNIA MLIST MLIST SUSE |
php-fusion -- php-fusion | Multiple SQL injection vulnerabilities in PHP-Fusion 7.02.07 allow remote authenticated users to execute arbitrary SQL commands via the (1) submit_id parameter in a 2 action to files/administration/ |
2014-11-17 | 7.5 | CVE-2014-8596 MISC XF BID EXPLOIT-DB MISC OSVDB |
qemu -- qemu | The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling. | 2014-11-14 | 7.2 | CVE-2014-3689 MLIST UBUNTU OSVDB DEBIAN DEBIAN SECUNIA SECUNIA SECUNIA |
redhat -- openshift | Red Hat OpenShift Enterprise before 2.2 does not properly restrict access to gears, which allows remote attackers to access the network resources of arbitrary gears via unspecified vectors. | 2014-11-13 | 7.5 | CVE-2014-3674 |
rockwellautomation -- connected_components_workbench | Rockwell Automation Connected Components Workbench (CCW) before 7.00.00 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an invalid property value to an ActiveX control that was built with an outdated compiler. | 2014-11-13 | 7.5 | CVE-2014-5424 |
samba -- ppp | Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "[corrupts] security-relevant variables." | 2014-11-15 | 7.5 | CVE-2014-3158 CONFIRM MLIST FEDORA |
webfs -- webfs | The Gentoo init script for webfs uses world-readable permissions for /var/log/webfsd.log, which allows local users to have unspecified impact by reading the file. | 2014-11-16 | 7.2 | CVE-2013-0347 XF BID MLIST MLIST MLIST OSVDB |
Medium Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adobe -- air | Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow remote attackers to discover session tokens via unspecified vectors. | 2014-11-11 | 5.0 | CVE-2014-8437 |
apache -- cordova | Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL. | 2014-11-15 | 6.4 | CVE-2014-3500 BID |
apache -- cordova | Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView. | 2014-11-15 | 4.3 | CVE-2014-3501 BID |
apache -- cordova | Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent. | 2014-11-15 | 4.3 | CVE-2014-3502 BID |
apache -- qpid | XML external entity (XXE) vulnerability in the XML Exchange module in Apache Qpid 0.30 allows remote attackers to cause outgoing HTTP connections via a crafted message. | 2014-11-17 | 4.3 | CVE-2014-3629 XF BID BUGTRAQ SECUNIA MISC |
arubanetworks -- clearpass | Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2014-11-07 | 4.3 | CVE-2014-6620 SECUNIA |
arubanetworks -- clearpass | Cross-site request forgery (CSRF) vulnerability in the Insight module in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote attackers to hijack the authentication of a logged in user via unspecified vectors. | 2014-11-07 | 4.3 | CVE-2014-6623 SECUNIA |
bad_behavior_project -- bad_behavior | The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before 7.x-2.2216 for Drupal logs usernames and passwords, which allows remote authenticated users with the "administer bad behavior" permission to obtain sensitive information by reading a log file. | 2014-11-12 | 4.0 | CVE-2014-8735 |
bestpractical -- rt-extension-mobileui | The MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in Request Tracker (RT) 4.0.0 before 4.0.13, when using the file-based session store (Apache::Session::File) and certain authentication extensions, allows remote attackers to reuse unauthorized sessions and obtain user preferences and caches via unspecified vectors. | 2014-11-15 | 5.0 | CVE-2013-3737 OSVDB SECUNIA |
cisco -- unified_communications_manager | The Remote Mobile Access Subsystem in Cisco Unified Communications Manager (CM) 10.0(1) and earlier does not properly validate the Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof VCS core devices via a crafted certificate issued by a legitimate Certification Authority, aka Bug ID CSCuq86376. | 2014-11-13 | 4.3 | CVE-2014-7991 |
cisco -- ios | The DLSw implementation in Cisco IOS does not initialize packet buffers, which allows remote attackers to obtain sensitive credential information from process memory via a session on TCP port 2067, aka Bug ID CSCur14014. | 2014-11-17 | 5.0 | CVE-2014-7992 |
cisco -- ios | The DHCP implementation in Cisco IOS on Aironet access points does not properly handle error conditions with short leases and unsuccessful lease-renewal attempts, which allows remote attackers to cause a denial of service (device restart) by triggering a transition into a recovery state that was intended to involve a network-interface restart but actually involves a full device restart, aka Bug ID CSCtn16281. | 2014-11-14 | 6.1 | CVE-2014-7997 |
citrix -- netscaler_application_ |
Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access "network resources" of other users via unknown vectors. | 2014-11-07 | 4.9 | CVE-2014-8580 |
codecanyon -- phpsound | Multiple cross-site scripting (XSS) vulnerabilities in phpSound 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Title or (2) Description fields in a playlist or the (3) filter parameter in an explore action to index.php. | 2014-11-17 | 4.3 | CVE-2014-8954 EXPLOIT-DB MISC |
docker -- docker | Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic. | 2014-11-17 | 5.0 | CVE-2014-5277 CONFIRM SUSE |
drupal -- ubercart | The Ubercart module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer product classes" permission to execute arbitrary PHP code via unspecified vectors. | 2014-11-15 | 6.0 | CVE-2012-2301 BID MLIST MLIST SECUNIA |
elipse -- e3 | Elipse E3 3.x and earlier allows remote attackers to cause a denial of service (application crash and plant outage) via a rapid series of HTTP requests to index.html on TCP port 1681. | 2014-11-10 | 5.0 | CVE-2014-8652 FULLDISC MISC |
f5 -- big-ip_local_traffic_manager | Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the "Resource Administrator" or "Administrator" role to enumerate and delete arbitrary files via a .. (dot dot) in the name parameter to (1) tmui/Control/jspmap/tmui/ |
2014-11-17 | 6.2 | CVE-2014-8727 CONFIRM BID EXPLOIT-DB MISC |
gnu -- gnutls | The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs. | 2014-11-13 | 5.0 | CVE-2014-8564 CONFIRM SECUNIA SECUNIA |
haxx -- libcurl | The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information. | 2014-11-15 | 4.3 | CVE-2014-3707 UBUNTU CONFIRM |
ibm -- security_identity_manager | Directory traversal vulnerability in IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to read arbitrary files via unspecified vectors. | 2014-11-17 | 5.0 | CVE-2014-6095 AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR |
ibm -- security_identity_manager | Cross-site scripting (XSS) vulnerability in IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 2014-11-17 | 4.3 | CVE-2014-6096 AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR |
ibm -- db2 | IBM DB2 9.7 before FP10 and 9.8 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement. | 2014-11-08 | 4.0 | CVE-2014-6097 AIXAPAR |
ibm -- security_identity_manager | IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to discover cleartext passwords via a crafted request. | 2014-11-17 | 5.0 | CVE-2014-6098 AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR |
ibm -- security_identity_manager | IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | 2014-11-17 | 4.3 | CVE-2014-6105 AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR |
ibm -- security_identity_manager | IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session. | 2014-11-17 | 4.3 | CVE-2014-6107 AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR |
ibm -- netcool/impact | Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool/Impact 6.1.1 before 6.1.1.1-TIV-NCI-IF0001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 2014-11-08 | 4.3 | CVE-2014-6161 XF |
imember360 -- imember360 | Cross-site request forgery (CSRF) vulnerability in the iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows remote attackers to hijack the authentication of administrators for requests that with an unspecified impact via the i4w_trace parameter. NOTE: this can be leveraged with CVE-2014-8948 to execute arbitrary commands. | 2014-11-16 | 6.8 | CVE-2014-8948 EXPLOIT-DB SECUNIA FULLDISC MISC OSVDB |
imember360 -- imember360 | The iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the i4w_trace parameter. NOTE: this can be leveraged with CVE-2014-8948 to allow remote attackers to execute code. NOTE: it is not clear whether this issue itself crosses privileges. | 2014-11-16 | 6.0 | CVE-2014-8949 EXPLOIT-DB SECUNIA FULLDISC MISC OSVDB |
ipa -- ilogscanner | Cross-site scripting (XSS) vulnerability in IPA iLogScanner 4.0 allows remote attackers to inject arbitrary web script or HTML by triggering a crafted entry in a log file. | 2014-11-14 | 4.3 | CVE-2014-7248 JVNDB JVN |
jexperts -- channel_platform | Multiple cross-site scripting (XSS) vulnerabilities in JExperts Channel Platform 5.0.33_CCB allow remote attackers to inject arbitrary web script or HTML via the (1) usuario.nome variable in an editarUsuario action to usuario.do or (2) titulo.form variable in a novoChamado action to ticket.do. | 2014-11-13 | 4.3 | CVE-2014-8557 XF BID FULLDISC MISC |
linux -- linux_kernel | The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c. | 2014-11-10 | 4.9 | CVE-2014-3610 CONFIRM CONFIRM UBUNTU MLIST CONFIRM |
linux -- linux_kernel | Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation. | 2014-11-10 | 4.9 | CVE-2014-3611 CONFIRM UBUNTU MLIST CONFIRM |
linux -- linux_kernel | arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU. | 2014-11-10 | 4.9 | CVE-2014-3690 CONFIRM CONFIRM MLIST MLIST CONFIRM CONFIRM |
linux -- linux_kernel | A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging (1) tun or (2) macvtap device access. | 2014-11-10 | 4.9 | CVE-2014-7207 CONFIRM MLIST |
linux -- linux_kernel | kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR protection mechanism via a crafted application. | 2014-11-10 | 4.9 | CVE-2014-7825 CONFIRM CONFIRM MLIST CONFIRM |
linux -- linux_kernel | kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application. | 2014-11-10 | 4.6 | CVE-2014-7826 CONFIRM CONFIRM MLIST CONFIRM |
linux -- linux_kernel | The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601. | 2014-11-10 | 4.6 | CVE-2014-8369 MLIST CONFIRM CONFIRM MLIST CONFIRM |
linux -- linux_kernel | The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application. | 2014-11-10 | 4.9 | CVE-2014-8480 CONFIRM CONFIRM MLIST MLIST CONFIRM |
linux -- linux_kernel | The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480. | 2014-11-10 | 4.9 | CVE-2014-8481 CONFIRM CONFIRM MLIST MLIST CONFIRM |
linux -- linux_kernel | The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application. | 2014-11-10 | 4.9 | CVE-2014-8559 MLIST MLIST MLIST MLIST MLIST MLIST MLIST CONFIRM MLIST |
linux -- linux_kernel | The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets. | 2014-11-10 | 5.0 | CVE-2014-8709 CONFIRM MLIST CONFIRM CONFIRM |
manageengine -- password_manager_pro | SQL injection vulnerability in BulkEditSearchResult.cc in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition before 7.1 build 7105 allows remote authenticated users to execute arbitrary SQL commands via the SEARCH_ALL parameter. | 2014-11-17 | 6.5 | CVE-2014-8498 MISC XF BID EXPLOIT-DB FULLDISC MISC OSVDB |
manageengine -- password_manager_pro | Multiple SQL injection vulnerabilities in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition before 7.1 build 7105 allow remote authenticated users to execute arbitrary SQL commands via the SEARCH_ALL parameter to (1) SQLAdvancedALSearchResult.cc or (2) AdvancedSearchResult.cc. | 2014-11-17 | 6.5 | CVE-2014-8499 MISC XF XF BID EXPLOIT-DB FULLDISC MISC OSVDB OSVDB |
megnicholas -- clean_and_simple_contact_form | Cross-site scripting (XSS) vulnerability in the Contact Form Clean and Simple (clean-and-simple-contact- |
2014-11-17 | 4.3 | CVE-2014-8955 XF MISC |
microsoft -- internet_information_services | The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability." | 2014-11-11 | 5.0 | CVE-2014-4078 |
microsoft -- sharepoint_foundation | Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2 allows remote authenticated users to inject arbitrary web script or HTML via a modified list, aka "SharePoint Elevation of Privilege Vulnerability." | 2014-11-11 | 4.3 | CVE-2014-4116 |
microsoft -- windows_7 | The audit logon feature in Remote Desktop Protocol (RDP) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly log unauthorized login attempts supplying valid credentials, which makes it easier for remote attackers to bypass intended access restrictions via a series of attempts, aka "Remote Desktop Protocol (RDP) Failure to Audit Vulnerability." | 2014-11-11 | 5.0 | CVE-2014-6318 |
microsoft -- windows_7 | The Windows Audio service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted web site, as demonstrated by execution of web script in Internet Explorer, aka "Windows Audio Service Vulnerability." | 2014-11-11 | 4.3 | CVE-2014-6322 |
microsoft -- internet_explorer | Microsoft Internet Explorer 7 through 11 allows remote attackers to obtain sensitive clipboard information via a crafted web site, aka "Internet Explorer Clipboard Information Disclosure Vulnerability." | 2014-11-11 | 4.3 | CVE-2014-6323 |
microsoft -- active_directory_federation_ |
Microsoft Active Directory Federation Services (AD FS) 2.0, 2.1, and 3.0, when a configured SAML Relying Party lacks a sign-out endpoint, does not properly process logoff actions, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation, aka "Active Directory Federation Services Information Disclosure Vulnerability." | 2014-11-11 | 5.0 | CVE-2014-6331 |
microsoft -- internet_explorer | Microsoft Internet Explorer 8 and 9 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability." | 2014-11-11 | 5.0 | CVE-2014-6339 |
microsoft -- internet_explorer | Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability." | 2014-11-11 | 4.3 | CVE-2014-6340 |
microsoft -- internet_explorer | Microsoft Internet Explorer 9 and 10 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability." | 2014-11-11 | 4.3 | CVE-2014-6345 |
microsoft -- internet_explorer | Microsoft Internet Explorer 8 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability." | 2014-11-11 | 4.3 | CVE-2014-6346 |
microsoft -- internet_explorer | Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6350. | 2014-11-11 | 4.3 | CVE-2014-6349 |
microsoft -- internet_explorer | Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6349. | 2014-11-11 | 4.3 | CVE-2014-6350 |
mumble -- mumble | The QSvg module in Qt, as used in the Mumble client 1.2.x before 1.2.6, allows remote attackers to cause a denial of service (hang and resource consumption) via a local file reference in an (1) image tag or (2) XML stylesheet in an SVG file. | 2014-11-16 | 5.0 | CVE-2014-3755 MISC BID MLIST MLIST |
mumble -- mumble | The client in Mumble 1.2.x before 1.2.6 allows remote attackers to force the loading of an external file and cause a denial of service (hang and resource consumption) via a crafted string that is treated as rich-text by a Qt widget, as demonstrated by the (1) user or (2) channel name in a Qt dialog, (3) subject common name or (4) email address to the Certificate Wizard, or (5) server name in a tooltip. | 2014-11-16 | 5.0 | CVE-2014-3756 BID MLIST MLIST |
open_atrium_project -- open_atrium | The Open Atrium Core module for Drupal before 7.x-2.22 allows remote attackers to bypass access restrictions and read file attachments that have been removed from a node by leveraging a previous revision of the node. | 2014-11-12 | 5.0 | CVE-2014-8736 |
phpmemcachedadmin_project -- phpmemcachedadmin | Cross-site scripting (XSS) vulnerability in phpMemcachedAdmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2014-11-17 | 4.3 | CVE-2014-8732 XF BID BUGTRAQ BUGTRAQ MISC |
phpmoneybooks -- phpmoneybooks | Directory traversal vulnerability in index.php in phpMoneyBooks before 1.0.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | 2014-11-17 | 4.3 | CVE-2012-1669 BID BUGTRAQ EXPLOIT-DB FULLDISC MISC OSVDB |
phpmoneybooks -- phpmoneybooks | Directory traversal vulnerability in index.php in phpMoneyBooks 1.0.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, a different vulnerability than CVE-2012-1669. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this issue might have been fixed in 1.0.3. | 2014-11-17 | 4.3 | CVE-2012-6665 SECUNIA OSVDB |
phpmyadmin -- phpmyadmin | Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js. | 2014-11-08 | 4.3 | CVE-2014-6300 CONFIRM SUSE |
phpscriptlerim -- php_scriptlerim_who's_who | Multiple cross-site request forgery (CSRF) vulnerabilities in Php Scriptlerim Who's Who script allow remote attackers to hijack the authentication of administrators or requests that (1) add an admin account via a request to filepath/yonetim/plugin/ |
2014-11-17 | 6.8 | CVE-2014-8953 XF EXPLOIT-DB MISC |
progress -- openedge | Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the selection parameter. | 2014-11-12 | 5.0 | CVE-2014-8555 MISC EXPLOIT-DB |
puppetlabs -- facter | Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_ |
2014-11-16 | 6.2 | CVE-2014-3248 BID SECUNIA SECUNIA MISC |
qemu -- qemu | Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption. | 2014-11-15 | 4.6 | CVE-2014-5388 MLIST CONFIRM UBUNTU MLIST MLIST CONFIRM |
qemu -- qemu | The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value. | 2014-11-14 | 5.0 | CVE-2014-7815 CONFIRM SECUNIA SECUNIA SECUNIA CONFIRM |
redhat -- openshift | Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced by a cartridge using the file: URI scheme. | 2014-11-16 | 6.5 | CVE-2014-0233 CONFIRM |
redhat -- libvirt | The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE, which triggers the use of the VIR_DOMAIN_XML_SECURE flag. | 2014-11-13 | 5.0 | CVE-2014-7823 SECUNIA |
rubyonrails -- ruby_on_rails | The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string. | 2014-11-16 | 5.0 | CVE-2014-3916 XF BID MLIST MLIST |
rubyonrails -- ruby_on_rails | Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow. | 2014-11-15 | 5.0 | CVE-2014-4975 CONFIRM XF UBUNTU MLIST |
rubyonrails -- ruby_on_rails | Directory traversal vulnerability in actionpack/lib/action_ |
2014-11-08 | 4.3 | CVE-2014-7818 MLIST |
rubyonrails -- ruby_on_rails | Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding. | 2014-11-08 | 5.0 | CVE-2014-7819 MLIST MLIST |
trendmicro -- interscan_web_security_ |
The AdminUI in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) before 6.0 HF build 1244 allows remote authenticated users to read arbitrary files via vectors related to configuration input when saving filters. | 2014-11-07 | 4.0 | CVE-2014-8510 MISC |
uninett -- mod_auth_mellon | The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related to a "session overflow" involving "sessions overlapping in memory." | 2014-11-15 | 6.4 | CVE-2014-8566 SECUNIA REDHAT |
vtiger -- vtiger_crm | views/Index.php in the Install module in vTiger 6.0 before Security Patch 2 does not properly restrict access, which allows remote attackers to re-install the application via a request that sets the X-Requested-With HTTP header, as demonstrated by executing arbitrary PHP code via the db_name parameter. | 2014-11-15 | 5.0 | CVE-2014-2268 MISC BID EXPLOIT-DB |
zend -- zend_framework | Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2.0.2, ZendService_Amazon before 2.0.3, and ZendService_Api before 1.0.0 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and memory consumption) via an XML External Entity (XXE) attack. NOTE: this issue exists because of an incomplete fix for CVE-2012-5657. | 2014-11-15 | 6.4 | CVE-2014-2681 MANDRIVA MLIST CONFIRM |
zend -- zend_framework | Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2.0.2, ZendService_Amazon before 2.0.3, and ZendService_Api before 1.0.0, when PHP-FPM is used, does not properly share the libxml_disable_entity_loader setting between threads, which might allow remote attackers to conduct XML External Entity (XXE) attacks via an XML external entity declaration in conjunction with an entity reference. NOTE: this issue exists because of an incomplete fix for CVE-2012-5657. | 2014-11-15 | 6.8 | CVE-2014-2682 MANDRIVA MLIST CONFIRM |
zend -- zend_framework | Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2.0.2, ZendService_Amazon before 2.0.3, and ZendService_Api before 1.0.0 allow remote attackers to cause a denial of service (CPU consumption) via (1) recursive or (2) circular references in an XML entity definition in an XML DOCTYPE declaration, aka an XML Entity Expansion (XEE) attack. NOTE: this issue exists because of an incomplete fix for CVE-2012-6532. | 2014-11-15 | 5.0 | CVE-2014-2683 MANDRIVA MLIST CONFIRM |
zend -- zend_framework | The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 before 1.12.4 does not verify that the openid_op_endpoint value identifies the same Identity Provider as the provider used in the association handle, which allows remote attackers to bypass authentication and spoof arbitrary OpenID identities by using a malicious OpenID Provider that generates OpenID tokens with arbitrary identifier and claimed_id values. | 2014-11-15 | 6.4 | CVE-2014-2684 MANDRIVA MLIST CONFIRM |
Low Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
apache -- hive | Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for (1) import and (2) export statements, which allows remote authenticated users to obtain sensitive information via a crafted URI. | 2014-11-16 | 3.5 | CVE-2014-0228 BUGTRAQ MISC |
drupal -- organic_groups_menu | The Organic Groups Menu (aka OG Menu) module before 7.x-2.2 for Drupal allows remote authenticated users with the "access administration pages" permission to change module settings via unspecified vectors. | 2014-11-12 | 3.5 | CVE-2014-8734 XF |
eucalyptus -- eucalyptus | Eucalyptus 4.0.0 through 4.0.1, when the log level is set to INFO, logs user and system passwords, which allows local users to obtain sensitive information by reading cloud-requests.log. | 2014-11-07 | 2.1 | CVE-2014-5037 SECUNIA |
eucalyptus -- eucalyptus | Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files. | 2014-11-07 | 2.1 | CVE-2014-5038 |
forgerock -- openam | The Core Server in OpenAM 9.5.3 through 9.5.5, 10.0.0 through 10.0.2, 10.1.0-Xpress, and 11.0.0 through 11.0.2, when deployed on a multi-server network, allows remote authenticated users to cause a denial of service (infinite loop) via a crafted cookie in a request. | 2014-11-13 | 3.5 | CVE-2014-7246 JVNDB JVN |
freebsd -- freebsd | The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not initialize the buffer used to store the login name, which allows local users to obtain sensitive information from kernel memory via a call to getlogin, which returns the entire buffer. | 2014-11-13 | 2.1 | CVE-2014-8476 FREEBSD SECUNIA SECUNIA |
ibm -- security_identity_manager | IBM Security Identity Manager 6.x before 6.0.0.3 IF14 does not properly perform logout actions, which allows remote attackers to access sessions by leveraging an unattended workstation. | 2014-11-17 | 3.3 | CVE-2014-6110 AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR |
ibm -- sterling_b2b_integrator | IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the Connect:Direct Server Adapter is configured, does not properly process the logging configuration, which allows local users to obtain sensitive information by reading log files. | 2014-11-08 | 1.9 | CVE-2014-6146 XF AIXAPAR |
ibm -- db2 | IBM DB2 9.7 before FP10, 9.8 through FP5, 10.1 through FT4, and 10.5 through FP4 on Linux, UNIX, and Windows, when immediate AUTO_REVAL is enabled, allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement. | 2014-11-08 | 3.5 | CVE-2014-6159 XF AIXAPAR AIXAPAR AIXAPAR |
linux -- linux_kernel | arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. | 2014-11-10 | 2.1 | CVE-2014-3645 CONFIRM MLIST CONFIRM |
linux -- linux_kernel | arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. | 2014-11-10 | 2.1 | CVE-2014-3646 CONFIRM CONFIRM UBUNTU MLIST |
linux -- linux_kernel | arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. | 2014-11-10 | 2.1 | CVE-2014-3647 CONFIRM CONFIRM UBUNTU MLIST CONFIRM |
nlnetlabs -- ldns | The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file. | 2014-11-15 | 2.1 | CVE-2014-3209 CONFIRM CONFIRM BID MLIST MLIST |
python -- python | Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before the umask has been set to the expected value. | 2014-11-15 | 3.3 | CVE-2014-2667 MLIST MLIST MLIST SUSE SUSE |
qemu -- qemu | The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket. | 2014-11-07 | 2.1 | CVE-2014-3640 DEBIAN MLIST MLIST MLIST |
redhat -- jboss_enterprise_application_ |
JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise Application Platform (EAP) before 6.2.3, use world-readable permissions audit.log, which allows local users to obtain sensitive information by reading this file. | 2014-11-17 | 2.1 | CVE-2014-0059 |
redhat -- openshift | Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp. | 2014-11-13 | 2.1 | CVE-2014-3602 |
'IT 와 Social 이야기 > Security' 카테고리의 다른 글
[US-CERT: Bulletin(SB14-328)] 2014년 11월 17일까지 발표된 보안 취약점 (0) | 2014.11.25 |
---|---|
[Michelangelo van Dam] 90K Reasons Security is a Must (0) | 2014.11.19 |
[US-CERT: Bulletin(SB14-314)] 2014년 11월 03일까지 발표된 보안 취약점 (0) | 2014.11.11 |
[US-CERT: Bulletin(SB14-307)] 2014년 10월 27일까지 발표된 보안 취약점 (0) | 2014.11.04 |
[Chiheb Chebbi] Security In Internet Banking (0) | 2014.10.31 |