[eSecuritytogo: Risk & Vulnerability Assessment]
High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adobe -- shockwave_player | Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of a Shockwave Player 10.4.0.025 compatibility feature via a crafted HTML document that references Shockwave content with a certain compatibility parameter, related to a "downgrading" attack. | 2012-12-20 | 9.3 | CVE-2012-6270 |
ca -- identityminder | Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to execute arbitrary commands or modify data via unknown vectors. | 2012-12-26 | 10.0 | CVE-2012-6298 |
ca -- identityminder | Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to bypass intended access restrictions via unknown vectors. | 2012-12-26 | 10.0 | CVE-2012-6299 |
carlosgavazzi -- eos-box_photovoltaic_monitoring_system | Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a similar issue to CVE-2012-5861. | 2012-12-23 | 7.5 | CVE-2012-6427 |
carlosgavazzi -- eos-box_photovoltaic_monitoring_system | Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 establishes multiple hardcoded accounts, which makes it easier for remote attackers to obtain administrative access by reading a password in a PHP script, a similar issue to CVE-2012-5862. | 2012-12-23 | 10.0 | CVE-2012-6428 |
citrix -- xenapp | The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors. | 2012-12-26 | 9.3 | CVE-2012-5161 |
foscam -- h.264_hi3510/11/12_ip_camera | The web interface on (1) Foscam and (2) Wansview IP cameras allows remote attackers to bypass authentication, and perform administrative functions or read the admin password, via a direct request to an unspecified URL. | 2012-12-21 | 10.0 | CVE-2012-3002 |
ibm -- rational_automation_framework | IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows remote attackers to bypass intended Env Gen Wizard (aka Environment Generation Wizard) access restrictions by visiting context roots in HTTP sessions on port 8080. | 2012-12-26 | 7.5 | CVE-2012-4816 |
ibm -- tivoli_storage_manager_for_space_management | Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows local users to read or modify file system objects via unknown vectors. | 2012-12-21 | 7.2 | CVE-2012-4859 |
ibm -- tivoli_netview | Unspecified vulnerability in IBM Tivoli NetView 1.4, 5.1 through 5.4, and 6.1 on z/OS allows local users to gain privileges by leveraging access to the normal Unix System Services (USS) security level. | 2012-12-26 | 7.2 | CVE-2012-5951 |
mysql -- mysql | Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE. | 2012-12-21 | 7.5 | CVE-2012-0882 |
netiq -- edirectory | Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors. | 2012-12-25 | 10.0 | CVE-2012-0432 |
netiq -- privileged_user_manager | Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code via a crafted application/x-amf request. | 2012-12-24 | 10.0 | CVE-2012-5932 |
novell -- iprint | Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arbitrary code via an op-client-interface-version action. | 2012-12-24 | 10.0 | CVE-2012-0411 |
oracle -- glassfish_web_space_server10.0 | Directory traversal vulnerability in the Liferay component in Oracle Sun GlassFish Web Space Server before 10.0 Update 7 Patch 2 has unknown impact and attack vectors. | 2012-12-21 | 10.0 | CVE-2012-1712 |
oracle -- hyperion_financial_management | Unspecified vulnerability in a TList 6 ActiveX control in Oracle Hyperion Financial Management 11.1.1.4 and 11.1.2.1.104 allows remote attackers to execute arbitrary code via unknown vectors. | 2012-12-21 | 10.0 | CVE-2012-1714 |
rubyonrails -- ruby_on_rails | SQL injection vulnerability in the Authlogic gem for Ruby on Rails allows remote attackers to execute arbitrary SQL commands via a crafted parameter in conjunction with a secret_token value, related to certain behavior of find_by_id and other find_by_ methods. | 2012-12-26 | 7.5 | CVE-2012-5664 |
scripthead -- webmail_plus | SQL injection vulnerability in the Webmail Plus module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2012-12-26 | 7.5 | CVE-2012-5590 |
symantec -- endpoint_protection | The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors. | 2012-12-18 | 7.2 | CVE-2012-4348 |

Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
catalin_florian_radut -- zeropoint | Cross-site scripting (XSS) vulnerability in the Zero Point module 6.x-1.x before 6.x-1.18 and 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via the path aliases. | 2012-12-26 | 4.3 | CVE-2012-5591 |
citrix -- xendesktop | Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x before 5.6.200, when making changes to the server-side policy that control USB redirection, does not propagate changes to the VDA, which allows authenticated users to retain access to the USB device. | 2012-12-26 | 5.0 | CVE-2012-6314 |
concrete5 -- concrete5 | Cross-site scripting (XSS) vulnerability in concrete5 Japanese 5.5.1 through 5.5.2.1 and concrete5 English 5.5.0 through 5.6.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2012-12-21 | 4.3 | CVE-2012-5181 |
emc -- data_protection_advisor | Directory traversal vulnerability in the Web UI in EMC Data Protection Advisor (DPA) 5.6 through SP1, 5.7 through SP1, and 5.8 through SP4 allows remote attackers to read arbitrary files via unspecified vectors. | 2012-12-26 | 5.0 | CVE-2012-4616 |
epiqo -- email | Cross-site scripting (XSS) vulnerability in the Email Field module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via the mailto link. | 2012-12-26 | 4.3 | CVE-2012-5587 |
fetchmail -- fetchmail | Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder, or (2) obtain sensitive information from memory via an NTLM Type 2 message with a crafted Target Name structure, which triggers an out-of-bounds read. | 2012-12-21 | 5.8 | CVE-2012-3482 |
ibm -- rational_policy_tester | IBM Security AppScan Enterprise before 8.6.0.2 and Rational Policy Tester before 8.5.0.3 do not validate X.509 certificates during scanning, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary certificate. | 2012-12-28 | 5.8 | CVE-2012-0738 |
ibm -- rational_policy_tester | IBM Security AppScan Enterprise before 8.6.0.2 and Rational Policy Tester before 8.5.0.3 do not validate X.509 certificates during use of the Manual Explore Proxy feature, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary certificate. | 2012-12-28 | 5.8 | CVE-2012-0741 |
ibm -- tivoli_storage_manager_for_space_management | Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows remote attackers to read or modify HSM-managed file system objects via unknown vectors. | 2012-12-21 | 6.4 | CVE-2012-5954 |
linux -- linux_kernel | The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality. | 2012-12-21 | 4.9 | CVE-2012-0957 |
linux -- linux_kernel | The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel before 2.6.36 allows remote attackers to bypass intended network restrictions via overlapping IPv6 fragments. | 2012-12-21 | 5.0 | CVE-2012-4444 |
linux -- linux_kernel | The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) by reading TCP stats. | 2012-12-21 | 4.7 | CVE-2012-4565 |
linux -- linux_kernel | The online_pages function in mm/memory_hotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact in opportunistic circumstances by using memory that was hot-added by an administrator. | 2012-12-21 | 4.0 | CVE-2012-5517 |
linux -- linux_kernel | The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2669. | 2012-12-27 | 4.9 | CVE-2012-5532 |
m2osw -- tableofcontents | The Table of Contents module 6.x-3.x before 6.x-3.8 for Drupal does not properly check node permissions, which allows remote attackers to read a node's headers by accessing a table of contents block. | 2012-12-26 | 4.3 | CVE-2012-5584 |
naver -- loctouch | The Loctouch application 3.4.6 and earlier for Android does not properly handle implicit intents, which allows attackers to obtain sensitive information about logged locations via a crafted application. | 2012-12-26 | 4.3 | CVE-2012-5182 |
netiq -- edirectory | Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2012-12-25 | 4.3 | CVE-2012-0428 |
netiq -- edirectory | dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request. | 2012-12-25 | 4.0 | CVE-2012-0429 |
netiq -- edirectory | Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors. | 2012-12-25 | 6.4 | CVE-2012-0430 |
netiq -- privileged_user_manager | The pa_modify_accounts function in auth.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 does not require authentication for the modifyAccounts method, which allows remote attackers to change the passwords of administrative accounts via a crafted application/x-amf request. | 2012-12-24 | 6.4 | CVE-2012-5930 |
netiq -- privileged_user_manager | Directory traversal vulnerability in the set_log_config function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname. | 2012-12-24 | 5.5 | CVE-2012-5931 |
openstack -- folsom | OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume (LV). | 2012-12-26 | 4.3 | CVE-2012-5625 |
opera -- opera_mini | The Opera Mobile application before 12.1 and Opera Mini application before 7.5 for Android do not properly implement the WebView class, which allows attackers to obtain sensitive information via a crafted application. | 2012-12-26 | 4.3 | CVE-2012-5180 |
oracle -- essbase_server | Buffer overflow in the DataDirect ODBC driver, as used in Oracle Hyperion Interactive Reporting 11.1.2.1 and 11.1.2.2, Essbase Server 11.1.2.1 and 11.1.2.2, Production Reporting Server 11.1.2.1 and 11.1.2.2, and Integration Services Server 11.1.2.1 and 11.1.2.2 has unknown impact and attack vectors. | 2012-12-21 | 6.8 | CVE-2012-3133 |
perl -- perl | The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference. | 2012-12-21 | 4.3 | CVE-2011-2728 |
ps_project_management_team -- unity-firefox-extension | content/unity-api.js in the unity-firefox-extension extension 2.4.1 for Firefox exposes the toDataURL function in an API call, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted webpage. | 2012-12-26 | 4.3 | CVE-2012-0958 |
sebastian_heinlein -- aptdaemon | Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack. | 2012-12-26 | 4.3 | CVE-2012-0962 |
sensiolabs -- symfony | Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly encoded string. | 2012-12-27 | 6.4 | CVE-2012-6431 |
sensiolabs -- symfony | Symfony 2.0.x before 2.0.20, 2.1.x before 2.1.5, and 2.2-dev, when the internal routes configuration is enabled, allows remote attackers to access arbitrary services via vectors involving a URI beginning with a /_internal substring. | 2012-12-27 | 6.8 | CVE-2012-6432 |
siemens -- ros | Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations. | 2012-12-23 | 4.3 | CVE-2012-4698 |
vmware -- vcenter_server_appliance | Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vectors. | 2012-12-21 | 4.0 | CVE-2012-6324 |
vmware -- vcenter_server_appliance | VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors. | 2012-12-21 | 4.0 | CVE-2012-6325 |
xmlsoft -- libxml2 | libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data. | 2012-12-21 | 5.0 | CVE-2012-0841 |

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
N/A -- N/A | Cross-site scripting (XSS) vulnerability in data/hybrid/i_hybrid.php in Open Constructor 3.12.0 allows remote authenticated users to inject arbitrary web script or HTML via the header parameter. | 2012-12-28 | 3.5 | CVE-2012-3871 |
boatmob -- boat_browser | The Boat Browser application before 4.2 and Boat Browser Mini application before 3.9 for Android do not properly implement the WebView class, which allows attackers to obtain sensitive information via a crafted application. | 2012-12-26 | 1.2 | CVE-2012-5179 |
d-link -- dcs-932l_camera | The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR["P"] value. | 2012-12-24 | 3.3 | CVE-2012-4046 |
debian -- apt | Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x before 0.8.16~exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable permissions for /var/log/apt/term.log, which allows local users to obtain sensitive shell information by reading the log file. | 2012-12-26 | 2.1 | CVE-2012-0961 |
epiqo -- email | The Email Field module 6.x-1.x before 6.x-1.3 for Drupal, when using a field permission module and the field contact field formatter is set to the full or teaser display mode, does not properly check permissions, which allows remote attackers to email the stored address via unspecified vectors. | 2012-12-26 | 2.6 | CVE-2012-5588 |
gnome -- gnome_display_manager | vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs. | 2012-12-21 | 1.9 | CVE-2010-2387 |
linux -- linux_kernel | The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof Netlink communication via a crafted connector message. | 2012-12-27 | 3.6 | CVE-2012-2669 |
linux -- linux_kernel | Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized. | 2012-12-21 | 1.9 | CVE-2012-4508 |
marc_ingram -- services | The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "access user profiles" permission to access arbitrary users' emails via vectors related to the "user index method" and "the path to the user resource." | 2012-12-26 | 2.1 | CVE-2012-5586 |
mixpanel_project -- mixpanel | Cross-site scripting (XSS) vulnerability in the Mixpanel module 6.x-1.x before 6.x-1.1 in Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via the Mixpanel token. | 2012-12-26 | 2.1 | CVE-2012-5585 |
naver -- loctouch | The Loctouch application 3.4.6 and earlier for Android allows attackers to obtain sensitive information about logged locations via a crafted application that leverages read permission for system log files. | 2012-12-26 | 2.6 | CVE-2012-5183 |
netgenius -- multilink | The MultiLink module 6.x-2.x before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal does not properly check node permissions when generating an in-content link, which allows remote authenticated users with text-editing permissions to read arbitrary node titles via a generated link. | 2012-12-26 | 3.5 | CVE-2012-5589 |
openstack -- keystone | tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading administrative access and secret values from this file. | 2012-12-26 | 2.1 | CVE-2012-5483 |
wordpress -- wordpress | WordPress 3.4.2 does not invalidate a wordpress_sec session cookie upon an administrator's logout action, which makes it easier for remote attackers to discover valid session identifiers via a brute-force attack, or modify data via a replay attack. | 2012-12-27 | 2.6 | CVE-2012-5868 |
x -- x.org_x11 | The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference. | 2012-12-21 | 3.6 | CVE-2012-1699 |

- For more details: Bulletin (SB13-002) Vulnerability Summary for the Week of December 24, 2012