Vulnerability Summary for the Week of April 20, 2015
Released
Apr 27, 2015
Document ID
SB15-117
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| apport_project -- apport | The crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace (container). | 2015-04-17 | 7.2 | CVE-2015-1318 CONFIRM CONFIRM UBUNTU |
| cisco -- unified_meetingplace | Unrestricted file upload vulnerability in the Custom Prompts upload implementation in Cisco Unified MeetingPlace 8.6(1.9) allows remote authenticated users to execute arbitrary code by using the languageShortName parameter to upload a file that provides shell access, aka Bug ID CSCus95712. | 2015-04-20 | 9.0 | CVE-2015-0702 CISCO |
| google -- chrome | Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/render_frame_impl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages during a detach operation. | 2015-04-19 | 7.5 | CVE-2015-1237 CONFIRM CONFIRM CONFIRM |
| google -- chrome | Skia, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. | 2015-04-19 | 7.5 | CVE-2015-1238 CONFIRM CONFIRM |
| google -- chrome | The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that leverages "type confusion" in the check-elimination optimization. | 2015-04-19 | 7.5 | CVE-2015-1242 CONFIRM CONFIRM CONFIRM CONFIRM |
| google -- chrome | Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 2015-04-19 | 7.5 | CVE-2015-1249 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| google -- chrome | Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 2015-04-19 | 7.5 | CVE-2015-3333 CONFIRM |
| google -- chrome | The NaClSandbox::InitializeLayerTwoSandbox function in components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc in Google Chrome before 42.0.2311.90 does not have RLIMIT_AS and RLIMIT_DATA limits for Native Client (aka NaCl) processes, which might make it easier for remote attackers to conduct row-hammer attacks or have unspecified other impact by leveraging the ability to run a crafted program in the NaCl sandbox. | 2015-04-19 | 7.5 | CVE-2015-3335 CONFIRM CONFIRM |
| ibm -- domino | IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 allows remote attackers to execute arbitrary code or cause a denial of service (integer truncation and application crash) via a crafted GIF image, aka SPR KLYH9T7NT9. | 2015-04-21 | 10.0 | CVE-2015-0135 CONFIRM |
| kiegroup -- drools | XML external entity (XXE) vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file. | 2015-04-21 | 7.5 | CVE-2014-8125 CONFIRM CONFIRM CONFIRM REDHAT REDHAT |
| microsoft -- windows_7 | Unspecified vulnerability in Microsoft Windows before 8 allows local users to gain privileges via unknown vectors, as exploited in the wild in April 2015. | 2015-04-21 | 7.2 | CVE-2015-1701 MISC MISC |
| new_atlanta -- blue_dragon | Directory traversal vulnerability in the CFChart servlet (com.naryx.tagfusion.cfm.cfchartServlet) in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbitrary files via a .. (dot dot) in the QUERY_STRING to cfchart.cfchart. | 2015-04-21 | 7.5 | CVE-2014-5370 MISC FULLDISC MISC |
| searchblox -- searchblox | Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 8.2 allows remote attackers to execute arbitrary code by uploading a file with an executable extension and the image/jpeg content type, a different vulnerability than CVE-2013-3590. | 2015-04-17 | 7.5 | CVE-2015-0968 CERT-VN |
| simple_ads_manager_project -- simple_ads_manager | Unrestricted file upload vulnerability in sam-ajax-admin.php in the Simple Ads Manager plugin before 2.5.96 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the directory specified by the path parameter. | 2015-04-21 | 7.5 | CVE-2015-2825 CONFIRM MISC FULLDISC MISC |
| sixapart -- movabletype | Format string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro and Advanced 6.0.x before 6.0.8 allows remote attackers to execute arbitrary code via vectors related to localization of templates. | 2015-04-17 | 7.5 | CVE-2015-0845 CONFIRM DEBIAN |
| tp-link -- tl-wrd741nd_(5.0) | Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310 allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/. | 2015-04-21 | 7.8 | CVE-2015-3035 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM MISC BUGTRAQ FULLDISC MISC |
| wikiwiki_project -- wikiwiki | SQL injection vulnerability in the WikiWiki module before 6.x-1.2 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2015-04-21 | 7.5 | CVE-2015-3346 MISC CONFIRM MLIST |
Medium Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| alfresco -- alfresco | Cross-site request forgery (CSRF) vulnerability in the Alfresco module before 6.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete an alfresco node via unspecified vectors. | 2015-04-21 | 5.8 | CVE-2015-3366 MISC CONFIRM MLIST |
| amazon_aws_project -- amazon_aws | The Amazon AWS module before 7.x-1.3 for Drupal uses the base URL and AWS access key to generate the access token, which makes it easier for remote attackers to guess the token value and create backups via a crafted URL. | 2015-04-21 | 5.0 | CVE-2015-3373 MISC CONFIRM MLIST CONFIRM |
| apache -- tomcat_connectors | Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified vectors. | 2015-04-21 | 5.0 | CVE-2014-8111 REDHAT REDHAT REDHAT REDHAT |
| balanced -- commerce_balanced_payments | Cross-site request forgery (CSRF) vulnerability in the Commerce Balanced Payments module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete the user's configured bank accounts via unspecified vectors. | 2015-04-21 | 5.8 | CVE-2015-3388 MISC MLIST |
| batch_jobs_project -- batch_jobs | Multiple cross-site request forgery (CSRF) vulnerabilities in the Batch Jobs module before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of certain users for requests that (1) delete a batch job record or (2) execute a task via unspecified vectors. | 2015-04-21 | 6.8 | CVE-2015-3355 MISC MISC MLIST |
| certify_project -- certify | The Certify module before 6.x-2.3 for Drupal does not properly perform node access checks, which allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF certificate information via vectors related to "showing (and creating) the PDF certificates." | 2015-04-22 | 4.0 | CVE-2015-3404 MISC CONFIRM MLIST MLIST |
| cisco -- unified_meetingplace | Cross-site scripting (XSS) vulnerability in the administrative web interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCus95857. | 2015-04-20 | 4.3 | CVE-2015-0703 CISCO |
| cisco -- unified_meetingplace | Multiple cross-site request forgery (CSRF) vulnerabilities in API features in Cisco Unified MeetingPlace 8.6(1.9) allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus95884. | 2015-04-21 | 6.8 | CVE-2015-0704 CISCO |
| cisco -- unified_meetingplace | Cross-site request forgery (CSRF) vulnerability in the SOAP API endpoints of the web-services directory in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts, aka Bug ID CSCus97494. | 2015-04-21 | 6.8 | CVE-2015-0705 CISCO |
| cisco -- firesight_system_software | Open redirect vulnerability in Cisco FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6.0.0 in FireSIGHT Management Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted HTTP header, aka Bug IDs CSCut06060, CSCut06056, and CSCus98966. | 2015-04-22 | 5.8 | CVE-2015-0706 CISCO |
| cloudwords -- cloudwords_for_multilingual | Cross-site request forgery (CSRF) vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims via an unknown menu callback. | 2015-04-21 | 6.8 | CVE-2015-3347 MISC CONFIRM MLIST |
| corner_project -- _corner | Multiple cross-site request forgery (CSRF) vulnerabilities in the Corner module for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable or (2) disable corners via unspecified vectors. | 2015-04-21 | 5.8 | CVE-2015-3374 MISC MLIST |
| dounokouno -- transmitmail | Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename. | 2015-04-23 | 4.3 | CVE-2015-0910 JVNDB JVN CONFIRM |
| dounokouno -- transmitmail | Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling. | 2015-04-23 | 5.0 | CVE-2015-0911 JVNDB JVN CONFIRM |
| fibonacciorange -- wedeal | Open redirect vulnerability in the Commerce WeDeal module before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter. | 2015-04-21 | 5.8 | CVE-2015-3393 MISC CONFIRM XF MLIST |
| funnymonkey -- feature_set | Multiple cross-site request forgery (CSRF) vulnerabilities in the Feature Set module for Drupal allow remote attackers to hijack the authentication of administrator for requests that (1) enable or (2) disable a module via unspecified vectors. | 2015-04-21 | 5.8 | CVE-2015-3380 MISC MLIST |
| google -- chrome | The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element. | 2015-04-19 | 5.0 | CVE-2015-1235 CONFIRM CONFIRM CONFIRM |
| google -- chrome | The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a crafted web site containing a media element. | 2015-04-19 | 4.3 | CVE-2015-1236 CONFIRM CONFIRM CONFIRM |
| google -- chrome | gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebGL program that triggers a state inconsistency. | 2015-04-19 | 5.0 | CVE-2015-1240 CONFIRM CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack. | 2015-04-19 | 4.3 | CVE-2015-1241 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| google -- chrome | The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for WebSocket traffic. | 2015-04-19 | 5.0 | CVE-2015-1244 CONFIRM CONFIRM CONFIRM |
| google -- chrome | Use-after-free vulnerability in the OpenPDFInReaderView::Update function in browser/ui/views/location_bar/open_pdf_in_reader_view.cc in Google Chrome before 41.0.2272.76 might allow user-assisted remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by triggering interaction with a PDFium "Open PDF in Reader" button that has an invalid tab association. | 2015-04-19 | 6.8 | CVE-2015-1245 CONFIRM CONFIRM CONFIRM |
| google -- chrome | Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2015-04-19 | 5.0 | CVE-2015-1246 CONFIRM CONFIRM |
| google -- chrome | The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/search_engines/search_engine_tab_helper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local files via a crafted (1) http or (2) https web site. | 2015-04-19 | 5.0 | CVE-2015-1247 CONFIRM CONFIRM CONFIRM |
| google -- chrome | The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL. | 2015-04-19 | 4.3 | CVE-2015-1248 CONFIRM CONFIRM |
| google -- chrome | browser/ui/website_settings/website_settings.cc in Google Chrome before 42.0.2311.90 does not always display "Media: Allowed by you" in a Permissions table after the user has granted camera permission to a web site, which might make it easier for user-assisted remote attackers to obtain sensitive video data from a device's physical environment via a crafted web site that turns on the camera at a time when the user believes that camera access is prohibited. | 2015-04-19 | 4.3 | CVE-2015-3334 CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENT_SETTINGS_TYPE_FULLSCREEN and CONTENT_SETTINGS_TYPE_MOUSELOCK changes, which allows user-assisted remote attackers to cause a denial of service (UI disruption) by constructing a crafted HTML document containing JavaScript code with requestFullScreen and requestPointerLock calls, and arranging for the user to access this document with a file: URL. | 2015-04-19 | 4.3 | CVE-2015-3336 CONFIRM CONFIRM |
| htaccess_project -- htaccess | Multiple cross-site request forgery (CSRF) vulnerabilities in the Htaccess module before 7.x-2.3 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) deploy or (2) delete an .htaccess file via unspecified vectors. | 2015-04-21 | 6.8 | CVE-2015-3349 MISC CONFIRM MLIST |
| ibm -- infosphere_biginsights | The Big SQL component in IBM InfoSphere BigInsights 3.0 through 3.0.0.2 allows remote authenticated users to bypass intended HDFS data-access restrictions via (1) a crafted CREATE HADOOP TABLE statement referencing the data of an arbitrary user or (2) an import of a certain Hive table definition with the HCAT_SYNC_OBJECTS procedure. | 2015-04-22 | 6.5 | CVE-2015-1889 CONFIRM |
| insite -- node_basket | Multiple cross-site request forgery (CSRF) vulnerabilities in the Node basket module for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add or (2) remove nodes from a basket via unspecified vectors. | 2015-04-21 | 5.8 | CVE-2015-3382 MISC MLIST |
| insite -- node_basket | Open redirect vulnerability in the Node basket module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 2015-04-21 | 5.8 | CVE-2015-3383 MISC MLIST |
| jammer_project -- jammer | Multiple cross-site request forgery (CSRF) vulnerabilities in the Jammer module before 6.x-1.8 and 7.x-1.x before 7.x-1.4 for Drupal allow remote attackers to hijack the authentication of administrators for requests that delete a setting for (1) hidden form elements or (2) status messages via unspecified vectors, related to "report administration." | 2015-04-21 | 6.8 | CVE-2015-3352 MISC CONFIRM CONFIRM MLIST |
| joshics -- contact_form_fields | Cross-site request forgery (CSRF) vulnerability in the Contact Form Fields module before 6.x-2.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete fields via unspecified vectors. | 2015-04-21 | 6.8 | CVE-2015-3363 MISC CONFIRM MLIST |
| landesk -- landesk_management_suite | Multiple cross-site request forgery (CSRF) vulnerabilities in Landesk Management Suite 9.6 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) start, (2) stop, or (3) restart services via a request to remote/serverServices.aspx. | 2015-04-21 | 6.8 | CVE-2014-5361 BUGTRAQ MISC |
| levelteninteractive -- content_analysis | Cross-site scripting (XSS) vulnerability in the Content Analysis module before 6.x-1.7 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a log message. | 2015-04-21 | 4.3 | CVE-2015-3364 MISC CONFIRM MLIST |
| linux -- linux_kernel | net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. | 2015-04-21 | 4.6 | CVE-2015-2041 CONFIRM CONFIRM MLIST CONFIRM |
| linux -- linux_kernel | net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. | 2015-04-21 | 4.6 | CVE-2015-2042 CONFIRM CONFIRM MLIST CONFIRM |
| log_watcher_project -- log_watcher | Multiple cross-site request forgery (CSRF) vulnerabilities in the Log Watcher module before 6.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable, (2) disable, or (3) delete a report via unspecified vectors. | 2015-04-21 | 6.8 | CVE-2015-3351 MISC CONFIRM MLIST |
| niif -- shibboleth_authentication_module | Cross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6.x-4.1 and 7.x-4.x before 7.x-4.1 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete user role matching rules via unspecified vectors. | 2015-04-21 | 5.8 | CVE-2015-3375 MISC CONFIRM CONFIRM MLIST |
| node_invite_project -- node_invite | Cross-site request forgery (CSRF) vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to hijack the authentication of users with the "node_invite_can_manage_invite" permission for requests that re-enable node invitations via unspecified vectors. | 2015-04-21 | 6.8 | CVE-2015-3370 MISC CONFIRM MLIST |
| node_invite_project -- node_invite | Open redirect vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter. | 2015-04-21 | 5.8 | CVE-2015-3371 MISC CONFIRM MLIST |
| opac_project -- opac | Cross-site request forgery (CSRF) vulnerability in the OPAC module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims for requests that remove a mapping via unknown vectors. | 2015-04-21 | 6.8 | CVE-2015-3343 MISC CONFIRM MLIST |
| openstack -- keystonemiddleware | The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate, a different vulnerability than CVE-2014-7144. | 2015-04-17 | 4.3 | CVE-2015-1852 CONFIRM MLIST |
| openstack -- swift | OpenStack Object Storage (Swift) before 2.3.0, when allow_version is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the x-versions-location container. | 2015-04-17 | 5.5 | CVE-2015-1856 CONFIRM MLIST |
| path_breadcrumbs_project -- path_breadcrumbs | The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtaining sensitive node titles by reading a 403 Not Found page. | 2015-04-21 | 5.0 | CVE-2015-3391 MISC CONFIRM XF MLIST |
| patterns -- patterns | Multiple cross-site request forgery (CSRF) vulnerabilities in the Patterns module before 7.x-2.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) restore, (2) publish, or (3) unpublish a pattern via unspecified vectors. | 2015-04-21 | 6.8 | CVE-2015-3367 MISC CONFIRM MLIST |
| phplist_integration_project -- phplist_integration | SQL injection vulnerability in the PHPlist Integration Module before 6.x-1.7 for Drupal allows remote administrators to execute arbitrary SQL commands via unspecified vectors, related to the "phpList database." | 2015-04-21 | 6.5 | CVE-2015-3345 MISC CONFIRM MLIST |
| qemu -- qemu | The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions. | 2015-04-21 | 4.9 | CVE-2014-9718 MLIST CONFIRM |
| searchblox -- searchblox | Multiple cross-site scripting (XSS) vulnerabilities in SearchBlox before 8.2 allow remote attackers to inject arbitrary web script or HTML via (1) the search field in plugin/index.html or (2) the title field in the Create Featured Result form in admin/main.jsp. | 2015-04-17 | 4.3 | CVE-2015-0967 CERT-VN |
| searchblox -- searchblox | SearchBlox before 8.2 allows remote attackers to obtain sensitive information via a pretty=true action to the _cluster/health URI. | 2015-04-17 | 5.0 | CVE-2015-0969 CERT-VN |
| searchblox -- searchblox | Cross-site request forgery (CSRF) vulnerability in SearchBlox before 8.2 allows remote attackers to hijack the authentication of arbitrary users. | 2015-04-17 | 6.8 | CVE-2015-0970 CERT-VN |
| symantec -- workspace_streaming | Unquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 before SP1 HF4, when AppMgrService.exe is configured as a service, allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe. | 2015-04-22 | 6.9 | CVE-2015-1484 CONFIRM BID |
| tadaa!_project -- tadaa! | Multiple cross-site request forgery (CSRF) vulnerabilities in the Tadaa! module before 7.x-1.4 for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) enable or (2) disable modules or (3) change variables via unspecified vectors. | 2015-04-21 | 6.8 | CVE-2015-3356 CONFIRM MISC MLIST |
| tadaa!_project -- tadaa! | Multiple open redirect vulnerabilities in the Tadaa! module before 7.x-1.4 for Drupal allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a destination parameter, related to callbacks that (1) enable and disable modules or (2) change variables. | 2015-04-21 | 5.8 | CVE-2015-3358 MISC CONFIRM MLIST |
| todo_filter_project -- todo_filter | Cross-site request forgery (CSRF) vulnerability in the Todo Filter module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that toggle a task via unspecified vectors. | 2015-04-21 | 6.8 | CVE-2015-3350 MISC CONFIRM CONFIRM MLIST |
| ubercart_currency_conversion_project -- ubercart_currency_conversion | Open redirect vulnerability in the Ubercart Currency Conversion module before 6.x-1.2 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination query parameter. | 2015-04-21 | 5.8 | CVE-2015-3342 MISC CONFIRM BID MLIST |
| views_project -- views | Open redirect vulnerability in the Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal, when the Views UI submodule is enabled, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via vectors related to the break lock page for edited views. | 2015-04-21 | 4.9 | CVE-2015-3378 MISC CONFIRM CONFIRM CONFIRM MLIST |
| views_project -- views | The Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to the default views configurations, which allows remote authenticated users to obtain sensitive information via unspecified vectors. | 2015-04-21 | 4.0 | CVE-2015-3379 MISC CONFIRM CONFIRM CONFIRM MLIST |
| wishlist_project -- wishlist | Cross-site request forgery (CSRF) vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete wishlist purchase intentions via unspecified vectors. | 2015-04-21 | 5.8 | CVE-2015-3354 MISC CONFIRM CONFIRM MLIST |
Low Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| ajax_timeline_project -- ajax_timeline | Cross-site scripting (XSS) vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title. | 2015-04-21 | 3.5 | CVE-2015-3392 MISC CONFIRM XF MLIST |
| cisco -- firesight_system_software | Cross-site scripting (XSS) vulnerability in Cisco FireSIGHT System Software 5.3.1.1 and 6.0.0 in FireSIGHT Management Center allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCus85425. | 2015-04-22 | 3.5 | CVE-2015-0707 CISCO |
| cloudwords -- cloudwords_for_multilingual | Cross-site scripting (XSS) vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title. | 2015-04-21 | 3.5 | CVE-2015-3348 MISC CONFIRM MLIST |
| commerce_balanced_payments_project -- commerce_balanced_payments | Cross-site scripting (XSS) vulnerability in the Bank Account Listing Page in the Commerce Balanced Payments module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 2015-04-21 | 3.5 | CVE-2015-3384 MISC MLIST |
| dlc_solutions -- course | Cross-site scripting (XSS) vulnerability in the Course module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title. | 2015-04-21 | 3.5 | CVE-2015-3344 MISC CONFIRM CONFIRM MLIST |
| facebook_album_fetcher_project -- facebook_album_fetcher | Cross-site scripting (XSS) vulnerability in the Facebook Album Fetcher module for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via unspecified vectors. | 2015-04-21 | 3.5 | CVE-2015-3390 MISC XF MLIST |
| field_display_label_project -- field_display_label | Cross-site scripting (XSS) vulnerability in the Field Display Label module before 7.x-1.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the alternate field label in content types settings. | 2015-04-21 | 3.5 | CVE-2015-3353 MISC CONFIRM MLIST |
| insite -- node_basket | Cross-site scripting (XSS) vulnerability in the Node basket module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 2015-04-21 | 3.5 | CVE-2015-3381 MISC MLIST |
| linkit_project -- linkit | Cross-site scripting (XSS) vulnerability in the Linkit module before 7.x-2.7 and 7.x-3.x before 7.x-3.3 for Drupal, when the node search plugin is enabled, allows remote authenticated users to inject arbitrary web script or HTML via a node title. | 2015-04-21 | 2.1 | CVE-2015-3361 MISC CONFIRM CONFIRM MLIST |
| node_access_product_project -- node_access_product | Cross-site scripting (XSS) vulnerability in the Node Access Product module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title. | 2015-04-21 | 3.5 | CVE-2015-3386 MISC MLIST |
| node_invite_project -- node_invite | Cross-site scripting (XSS) vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title. | 2015-04-21 | 3.5 | CVE-2015-3372 MISC CONFIRM MLIST |
| nodeauthor_project -- nodeauthor | Cross-site scripting (XSS) vulnerability in the nodeauthor module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a Profile2 field in a provided block. | 2015-04-21 | 3.5 | CVE-2015-3365 MISC MLIST |
| osinet -- classified_ads | Cross-site scripting (XSS) vulnerability in the administration user interface in the Classified Ads module before 6.x-3.1 and 7.x-3.x before 7.x-3.1 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via a category name. | 2015-04-21 | 3.5 | CVE-2015-3368 MISC CONFIRM CONFIRM MLIST |
| public_download_count_project -- public_download_count | Cross-site scripting (XSS) vulnerability in the Download counts report page in the Public Download Count module (pubdlcnt) 7.x-1.x-dev and earlier for Drupal allows remote authnticated users to inject arbitrary web script or HTML via unspecified vectors. | 2015-04-21 | 3.5 | CVE-2015-3389 MISC XF MLIST |
| quizzler_project -- quizzler | Cross-site scripting (XSS) vulnerability in the Quizzler module before 7-x.1.16 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title. | 2015-04-21 | 3.5 | CVE-2015-3376 MISC CONFIRM MLIST |
| randall_library -- room_reservations | Multiple cross-site scripting (XSS) vulnerabilities in the Room Reservations module before 7.x-1.1 for Drupal allow remote authenticated users with the "Administer the room reservations system" permission to inject arbitrary web script or HTML via the (1) node title of a "Room Reservations Category" or (2) body of a "Room Reservations Room" node. | 2015-04-21 | 3.5 | CVE-2015-3359 MISC CONFIRM MLIST |
| redhat -- jboss_enterprise_application_platform | The default configuration for the Command Line Interface in Red Hat Enterprise Application Platform before 6.4.0 and WildFly (formerly JBoss Application Server) uses weak permissions for .jboss-cli-history, which allows local users to obtain sensitive information via unspecified vectors. | 2015-04-21 | 2.1 | CVE-2014-3586 CONFIRM REDHAT REDHAT REDHAT REDHAT |
| taxonews_project -- taxonews | Cross-site scripting (XSS) vulnerability in the Taxonews module before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via a term name in a block. | 2015-04-21 | 3.5 | CVE-2015-3369 MISC CONFIRM CONFIRM MLIST |
| taxonomy_path_project -- taxonomy_path | Cross-site scripting (XSS) vulnerability in the Taxonomy Path module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the "Link to path" field formatter. | 2015-04-21 | 3.5 | CVE-2015-3385 MISC CONFIRM MLIST |
| taxonomy_tools_project -- taxonomy_tools | Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Tools module before 7.x-1.4 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via a (1) node or (2) taxonomy term title. | 2015-04-21 | 3.5 | CVE-2015-3387 MISC CONFIRM MLIST |
| term_merge_project -- term_merge | Cross-site scripting (XSS) vulnerability in the Term Merge module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 2015-04-21 | 3.5 | CVE-2015-3360 MISC CONFIRM MLIST |
| video_project -- video | Cross-site scripting (XSS) vulnerability in the Video module before 7.x-2.11 for Drupal, when using the video WYSIWYG plugin, allows remote authenticated users to inject arbitrary web script or HTML via a node title. | 2015-04-21 | 3.5 | CVE-2015-3362 MISC CONFIRM MLIST |
| wishlist_project -- wishlist | Cross-site scripting (XSS) vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote authenticated users with the "access wishlists" permission to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a log message. | 2015-04-21 | 3.5 | CVE-2015-3357 MISC CONFIRM CONFIRM MLIST |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.