Vulnerability Summary for the Week of August 12, 2013
Released
Aug 19, 2013
Document ID
SB13-231
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| apache -- open_for_business_project | Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to execute arbitrary Unified Expression Language (UEL) functions via JUEL metacharacters in unspecified parameters, related to nested expressions. | 2013-08-15 | 10.0 | CVE-2013-2250 |
| bigtreecms -- bigtree_cms | SQL injection vulnerability in core/inc/bigtree/cms.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php. | 2013-08-14 | 7.5 | CVE-2013-4879 |
| cotonti -- cotonti_siena | SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0.9.14 allows remote attackers to execute arbitrary SQL commands via the "c" parameter to index.php. | 2013-08-09 | 7.5 | CVE-2013-4789 |
| f5 -- big-ip_access_policy_manager | Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products "when APM is provisioned," allows remote attackers to upload and execute arbitrary files via a .. (dot dot) in the filename parameter. | 2013-08-09 | 9.3 | CVE-2013-0150 |
| hp -- h3c_ethernet_switch | The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote authenticated users to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet. | 2013-08-12 | 7.0 | CVE-2013-4806 |
| ibm -- lotus_domino | Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to execute arbitrary code via a crafted web page, aka SPR PTHN97XHFW. | 2013-08-09 | 9.3 | CVE-2013-3027 |
| ibm -- system_x3950_x5 | The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers has a default password for the IPMI user account, which makes it easier for remote attackers to perform power-on, power-off, or reboot actions, or add or modify accounts, via unspecified vectors. | 2013-08-09 | 10.0 | CVE-2013-4031 |
| ioserver -- ioserver | The master-station DNP3 driver before driver19.exe, and Beta2041.exe, in IOServer allows remote attackers to cause a denial of service (infinite loop) via crafted DNP3 packets to TCP port 20000. | 2013-08-13 | 7.8 | CVE-2013-2790 |
| libraw -- libraw | Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file. | 2013-08-14 | 7.5 | CVE-2013-2126 |
| libraw -- libraw | Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | 2013-08-14 | 7.5 | CVE-2013-2127 |
| microsoft -- windows_vista | Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a malformed asynchronous RPC request, aka "Remote Procedure Call Vulnerability." | 2013-08-14 | 10.0 | CVE-2013-3175 |
| microsoft -- windows_server_2003 | usp10.dll in the Unicode Scripts Processor in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "Uniscribe Font Parsing Engine Memory Corruption Vulnerability." | 2013-08-14 | 9.3 | CVE-2013-3181 |
| microsoft -- windows_server_2012 | The Windows NAT Driver (aka winnat) service in Microsoft Windows Server 2012 does not properly validate memory addresses during the processing of ICMP packets, which allows remote attackers to cause a denial of service (memory corruption and system hang) via crafted packets, aka "Windows NAT Denial of Service Vulnerability." | 2013-08-14 | 7.8 | CVE-2013-3182 |
| microsoft -- windows_8 | The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly perform memory allocation for inbound ICMPv6 packets, which allows remote attackers to cause a denial of service (system hang) via crafted packets, aka "ICMPv6 Vulnerability." | 2013-08-14 | 7.8 | CVE-2013-3183 |
| microsoft -- internet_explorer | Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 2013-08-14 | 9.3 | CVE-2013-3184 |
| microsoft -- internet_explorer | The Protected Mode feature in Microsoft Internet Explorer 7 through 10 on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly implement the Integrity Access Level (aka IL) protection mechanism, which allows remote attackers to obtain medium-integrity privileges by leveraging access to a low-integrity process, aka "Process Integrity Level Assignment Vulnerability." | 2013-08-14 | 7.6 | CVE-2013-3186 |
| microsoft -- internet_explorer | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3191 and CVE-2013-3193. | 2013-08-14 | 9.3 | CVE-2013-3187 |
| microsoft -- internet_explorer | Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3189. | 2013-08-14 | 9.3 | CVE-2013-3188 |
| microsoft -- internet_explorer | Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3188. | 2013-08-14 | 9.3 | CVE-2013-3189 |
| microsoft -- internet_explorer | Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 2013-08-14 | 9.3 | CVE-2013-3190 |
| microsoft -- internet_explorer | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3187 and CVE-2013-3193. | 2013-08-14 | 9.3 | CVE-2013-3191 |
| microsoft -- internet_explorer | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3187 and CVE-2013-3191. | 2013-08-14 | 9.3 | CVE-2013-3193 |
| microsoft -- internet_explorer | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 2013-08-14 | 9.3 | CVE-2013-3194 |
| microsoft -- windows_8 | The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3197 and CVE-2013-3198. | 2013-08-14 | 7.2 | CVE-2013-3196 |
| microsoft -- windows_8 | The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3196 and CVE-2013-3198. | 2013-08-14 | 7.2 | CVE-2013-3197 |
| microsoft -- windows_8 | The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3196 and CVE-2013-3197. | 2013-08-14 | 7.2 | CVE-2013-3198 |
| microsoft -- internet_explorer | Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 2013-08-14 | 9.3 | CVE-2013-3199 |
| moxa -- oncell_gateway_g3211 | Moxa OnCell Gateway G3111, G3151, G3211, and G3251 devices with firmware before 1.4 do not use a sufficient source of entropy for SSH and SSL keys, which makes it easier for remote attackers to obtain access by leveraging knowledge of a key from a product installation elsewhere. | 2013-08-09 | 7.1 | CVE-2012-3039 |
| netwin -- surgeftp | Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request. | 2013-08-09 | 7.5 | CVE-2013-4742 |
| phpfox -- phpfox | SQL injection vulnerability in PHPFox before 3.6.0 (build4) allows remote attackers to execute arbitrary SQL commands via the search[gender] parameter to user/browse/view_/. | 2013-08-14 | 7.5 | CVE-2013-5120 |
| phpfox -- phpfox | SQL injection vulnerability in PHPFox before 3.6.0 (build6) allows remote attackers to execute arbitrary SQL commands via the search[sort_by] parameter to user/browse/view_/. | 2013-08-14 | 7.5 | CVE-2013-5121 |
| sagelighteditor -- sagelight | Integer overflow in Sagelight 4.4 and earlier allows remote attackers to execute arbitrary code via crafted width and height dimensions in a BMP file, which triggers a heap-based buffer overflow. | 2013-08-09 | 9.3 | CVE-2013-3480 |
| selinc -- sel-2241 | Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet. | 2013-08-09 | 7.1 | CVE-2013-2792 |
| siemens -- comos | The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation restrictions by leveraging COMOS project access. | 2013-08-09 | 7.2 | CVE-2013-4943 |
| squid-cache -- squid | Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service (memory corruption and server termination) via a long name in a DNS lookup request. | 2013-08-09 | 7.8 | CVE-2013-4115 |
| xnview -- xnview | Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file. | 2013-08-09 | 9.3 | CVE-2013-2577 |
| yard_radius_project -- yard_radius | Multiple format string vulnerabilities in Yet Another Radius Daemon (YARD RADIUS) 1.1.2 allow context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in a request in the (1) log_msg function in log.c or (2) version or (3) build_version function in version.c. | 2013-08-09 | 7.5 | CVE-2013-4147 |
Medium Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| alienvault -- open_source_security_information_management | Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) before 4.3.0 allow remote attackers to inject arbitrary web script or HTML via the withoutmenu parameter to (1) vulnmeter/index.php or (2) vulnmeter/sched.php; the (3) section parameter to av_inventory/task_edit.php; the (4) profile parameter to nfsen/rrdgraph.php; or the (5) scan_server or (6) targets parameter to vulnmeter/simulate.php. | 2013-08-15 | 4.3 | CVE-2013-5300 |
| alkacon -- opencms | Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms before 8.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to system/workplace/views/admin/admin-main.jsp or the (2) requestedResource parameter to system/login/index.html. | 2013-08-09 | 4.3 | CVE-2013-4600 |
| apache -- open_for_business_project | Cross-site scripting (XSS) vulnerability in the "View Log" screen in the Webtools application in Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2013-08-15 | 4.3 | CVE-2013-2137 |
| b-e-soft -- artweaver | Buffer overflow in Artweaver before 3.1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AWD file. | 2013-08-09 | 6.8 | CVE-2013-2576 |
| bigtreecms -- bigtree_cms | Cross-site scripting (XSS) vulnerability in core/admin/modules/developer/modules/views/add.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via the module parameter. | 2013-08-14 | 4.3 | CVE-2013-4880 |
| cisco -- finesse | Cisco Finesse allows remote attackers to obtain sensitive information by sniffing the network for HTTP query data, aka Bug ID CSCug16732. | 2013-08-12 | 5.0 | CVE-2013-3455 |
| cisco -- finesse | Absolute path traversal vulnerability in the web interface in Cisco Finesse allows remote attackers to read directory contents via a direct request to a directory URL, aka Bug ID CSCug16772. | 2013-08-12 | 5.0 | CVE-2013-3457 |
| cisco -- ios_xr | Cisco IOS XR allows local users to cause a denial of service (Silicon Packet Processor memory corruption, improper mutex handling, and device reload) by starting an outbound flood of large ICMP Echo Request packets and stopping this with a CTRL-C sequence, aka Bug ID CSCui60347. | 2013-08-13 | 4.6 | CVE-2013-3464 |
| cory_lamle -- duplicator | Cross-site scripting (XSS) vulnerability in files/installer.cleanup.php in the Duplicator plugin before 0.4.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the package parameter. | 2013-08-09 | 4.3 | CVE-2013-4625 |
| franz_holzinger -- static_methods | Cross-site scripting (XSS) vulnerability in the Static Methods since 2007 (div2007) extension before 0.10.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the t3lib_div::quoteJSvalue function. | 2013-08-09 | 4.3 | CVE-2013-5100 |
| happyworm -- jplayer | Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-1942 and CVE-2013-2022. | 2013-08-15 | 4.3 | CVE-2013-2023 |
| ibm -- sterling_b2b_integrator | IBM Sterling B2B Integrator 5.0 and 5.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted HTTP (1) Range or (2) Request-Range header. | 2013-08-09 | 5.0 | CVE-2013-0494 |
| ibm -- websphere_portal | Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Portal before 8.0.0.1 CF07 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Portal, (2) Portal 7.0.0.2, (3) Portal 8.0, or (4) PortalWeb2 theme. | 2013-08-15 | 4.3 | CVE-2013-0587 |
| ibm -- lotus_domino | Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN986NAA. | 2013-08-09 | 4.3 | CVE-2013-3032 |
| ibm -- infosphere_information_server | IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 produces login-failure messages indicating whether the username or password is incorrect, which allows remote attackers to enumerate user accounts via a brute-force attack. | 2013-08-15 | 5.0 | CVE-2013-3040 |
| ibm -- lotus_domino | Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN98FLQ2. | 2013-08-09 | 4.3 | CVE-2013-3990 |
| ibm -- system_x3950_x5 | The RAKP protocol support in the Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers sends a password hash to the client, which makes it easier for remote attackers to obtain access via a brute-force attack. | 2013-08-09 | 4.3 | CVE-2013-4037 |
| ibm -- system_x3950_x5 | The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file. | 2013-08-09 | 4.0 | CVE-2013-4038 |
| juniper -- junos_space | Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469. | 2013-08-16 | 4.3 | CVE-2013-5095 |
| juniper -- junos_space | Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804. | 2013-08-16 | 4.0 | CVE-2013-5096 |
| juniper -- junos_space | Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462. | 2013-08-16 | 4.0 | CVE-2013-5097 |
| lars_hjemli -- cgit | Directory traversal vulnerability in the cgit_parse_readme function in ui-summary.c in cgit before 0.9.2, when a readme file is set to a filesystem path, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. | 2013-08-09 | 4.3 | CVE-2013-2117 |
| magnolia-cms -- magnolia_form_module | Multiple cross-site scripting (XSS) vulnerabilities in the Magnolia Form module 1.x before 1.4.7 and 2.x before 2.0.2 for Magnolia CMS allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) fullname, or (3) email parameter to magnoliaPublic/demo-project/members-area/registration.html. | 2013-08-09 | 4.3 | CVE-2013-4759 |
| microsoft -- active_directory_federation_services | Microsoft Active Directory Federation Services (AD FS) 1.x through 2.1 on Windows Server 2003 R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 allows remote attackers to obtain sensitive information about the service account, and possibly conduct account-lockout attacks, by connecting to an endpoint, aka "AD FS Information Disclosure Vulnerability." | 2013-08-14 | 5.0 | CVE-2013-3185 |
| microsoft -- internet_explorer | Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka "EUC-JP Character Encoding Vulnerability." | 2013-08-14 | 4.3 | CVE-2013-3192 |
| mikejolley -- download_monitor | Cross-site scripting (XSS) vulnerability in admin/admin.php in the Download Monitor plugin before 3.3.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the p parameter. | 2013-08-09 | 4.3 | CVE-2013-3262 |
| mikejolley -- download_monitor | Cross-site scripting (XSS) vulnerability in admin/admin.php in the Download Monitor plugin before 3.3.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the sort parameter, a different vulnerability than CVE-2013-3262. | 2013-08-09 | 4.3 | CVE-2013-5098 |
| mongodb -- mongodb | bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef." | 2013-08-15 | 4.3 | CVE-2013-2132 |
| nagios -- nagstamon | The automatic update request in Nagstamont before 0.9.10 uses a cleartext base64 format for transmission of a username and password, which allows remote attackers to obtain sensitive information by sniffing the network. | 2013-08-16 | 5.0 | CVE-2013-4114 |
| open-emr -- openemr | Multiple SQL injection vulnerabilities in OpenEMR 4.1.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) start or (2) end parameter to interface/reports/custom_report_range.php, or the (3) form_newid parameter to custom/chart_tracker.php. | 2013-08-09 | 6.5 | CVE-2013-4619 |
| open-emr -- openemr | Cross-site scripting (XSS) vulnerability in interface/main/onotes/office_comments_full.php in OpenEMR 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the note parameter. | 2013-08-09 | 4.3 | CVE-2013-4620 |
| owncloud -- owncloud | Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component in jPlayer before 2.2.20, as used in ownCloud Server before 5.0.4 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-2022 and CVE-2013-2023. | 2013-08-15 | 4.3 | CVE-2013-1942 |
| php -- php | Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID. | 2013-08-13 | 6.8 | CVE-2011-4718 |
| redhat -- jboss_enterprise_application_platform | Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by remote-naming, which allows remote attackers to hijack sessions by using a remoting client. | 2013-08-16 | 6.4 | CVE-2013-4128 |
| redhat -- jboss_enterprise_application_platform | Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by the EJB client API, which allows remote attackers to hijack sessions by using an EJB client. | 2013-08-16 | 6.4 | CVE-2013-4213 |
| sap -- netweaver | The GetComputerSystem method in the HostControl service in SAP Netweaver 7.03 allows remote attackers to obtain sensitive information via a crafted SOAP request to TCP port 1128. | 2013-08-16 | 5.0 | CVE-2013-3319 |
| schneider-electric -- vijeo_citect | Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 2013-08-09 | 6.9 | CVE-2013-2796 |
| selinc -- sel-2241 | Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line. | 2013-08-09 | 4.7 | CVE-2013-2798 |
| silverstripe -- silverstripe | Multiple cross-site scripting (XSS) vulnerabilities in the SilverStripe e-commerce module 3.0 for SilverStripe CMS allow remote attackers to inject arbitrary web script or HTML via the (1) FirstName, (2) Surname, or (3) Email parameter to code/forms/OrderFormAddress.php; or the (4) FirstName or (5) Surname parameter to code/forms/ShopAccountForm.php. | 2013-08-09 | 4.3 | CVE-2012-6458 |
| xen -- xen | Xen 4.0.2 through 4.0.4, 4.1.x, and 4.2.x allows local PV guest users to cause a denial of service (hypervisor crash) via certain bit combinations to the XSETBV instruction. | 2013-08-14 | 4.7 | CVE-2013-2078 |
| xhanch -- my_twitter | Cross-site request forgery (CSRF) vulnerability in admin/setting.php in the Xhanch - My Twitter plugin before 2.7.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change unspecified settings. | 2013-08-09 | 6.8 | CVE-2013-3253 |
Low Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| anchor -- anchor_cms | Cross-site scripting (XSS) vulnerability in article.php in Anchor CMS 0.9.1, when comments are enabled, allows remote attackers to inject arbitrary web script or HTML via the Name field. NOTE: some sources have reported that comments.php is vulnerable, but certain functions from comments.php are used by article.php. | 2013-08-09 | 2.6 | CVE-2013-5099 |
| cybozu -- mailwise | Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines within the user's own mailbox. | 2013-08-15 | 3.5 | CVE-2013-4698 |
| ibm -- informix_open_admin_tool | Cross-site scripting (XSS) vulnerability in IBM Informix Open Admin Tool (OAT) 2.x and 3.x before 3.11.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 2013-08-09 | 3.5 | CVE-2013-0492 |
| ibm -- infosphere_information_server | Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to the (1) web console and (2) repository management user interfaces. | 2013-08-15 | 3.5 | CVE-2013-0585 |
| ibm -- infosphere_information_server | Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the web console. | 2013-08-15 | 3.5 | CVE-2013-3034 |
| ibm -- advanced_management_module | Cross-site scripting (XSS) vulnerability in adv_sw.php in the Advanced Management Module (AMM) with firmware BBET before BBET64G and BPET before BPET64G for IBM BladeCenter systems allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2013-08-15 | 3.5 | CVE-2013-4007 |
| nttdocomo -- overseas_usage | The NTT DOCOMO overseas usage application 2.0.0 through 2.0.4 for Android does not properly connect to Wi-Fi access points, which allows remote attackers to obtain sensitive information by leveraging presence in an 802.11 network's coverage area. | 2013-08-09 | 3.3 | CVE-2013-3659 |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.