Vulnerability Summary for the Week of February 10, 2014

Please Note:

• The vulnerabilities are categorized by their level of severity, which is either High, Medium or Low.

• The CVE identity number is the publicly known ID given to that particular vulnerability; you can therefore look up the status of that vulnerability using this ID.

• The CVSS (Common Vulnerability Scoring System) score is a standard scoring system used to determine the severity of the vulnerability.

High Severity Vulnerabilities

| The Primary Vendor --- Product | Description | Date Published | CVSS Score | The CVE Identity |
|---|---|---|---|---|
| adobe -- adobe_air | Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors. | 2014-02-21 | 10.0 | CVE-2014-0498 |
| adobe -- adobe_air | Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 do not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors. | 2014-02-21 | 7.8 | CVE-2014-0499 |
| adobe -- adobe_air | Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014. | 2014-02-21 | 10.0 | CVE-2014-0502 |
| cisco -- unified_communications_manager | SQL injection vulnerability in the Certificate Authority Proxy Function (CAPF) implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum46483. | 2014-02-20 | 7.5 | CVE-2014-0734 |
| csounds -- csound | Multiple stack-based buffer overflows in Csound before 5.16.6 allow remote attackers to execute arbitrary code via a crafted (1) hetro file to the getnum function in util/heti_main.c or (2) PVOC file to the getnum function in util/pv_import.c. | 2014-02-17 | 7.5 | CVE-2012-0270 |
| freepbx -- freepbx | admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php. | 2014-02-18 | 7.5 | CVE-2014-1903 |
| ibm -- sametime | The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 does not validate URLs in Cookie headers before using them in redirects, which has unspecified impact and remote attack vectors. | 2014-02-14 | 7.5 | CVE-2013-3983 |
| ibm -- sametime | The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 does not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. | 2014-02-14 | 7.5 | CVE-2013-6742 |
| irfanview -- irfanview | Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file. | 2014-02-14 | 7.5 | CVE-2013-5351 |
| jetroplatforms -- jetro_cockpit_secure_browsing | The client in Jetro COCKPIT Secure Browsing (JCSB) 4.3.1 and 4.3.3 does not validate the FileName element in an RDP_FILE_TRANSFER document, which allows remote JCSB servers to execute arbitrary programs by providing a .EXE extension. | 2014-02-18 | 9.3 | CVE-2014-1861 |
| linux -- linux_kernel | The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663. | 2014-02-15 | 7.8 | CVE-2012-6638 |
| linux-nfs -- nfs-utils | The host_reliable_addrinfo function in support/export/hostname.c in nfs-utils before 1.2.4 does not properly use DNS to verify access to NFS exports, which allows remote attackers to mount filesystems by establishing crafted DNS A and PTR records. | 2014-02-15 | 7.5 | CVE-2011-2500 |
| linuxcontainers -- lxc | The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file. | 2014-02-14 | 7.2 | CVE-2013-6441 |
| litech -- router_advertisement_daemon | Buffer overflow in the process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative value in a label_len value. | 2014-02-17 | 7.5 | CVE-2011-3601 |
| litech -- router_advertisement_daemon | The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to cause a denial of service (stack-based buffer over-read and crash) via unspecified vectors. | 2014-02-17 | 7.5 | CVE-2011-3604 |
| microsoft -- internet_explorer | Use-after-free vulnerability in Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, as exploited in the wild in January and February 2014. | 2014-02-14 | 9.3 | CVE-2014-0322 |
| netfilter_core_team -- iptables | extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant. | 2014-02-15 | 7.5 | CVE-2012-2663 |
| parcimonie_project -- parcimonie | parcimonie before 0.8.1, when using a large keyring, sleeps for the same amount of time between fetches, which allows attackers to correlate key fetches via unspecified vectors. | 2014-02-14 | 7.5 | CVE-2014-1921 |
| qualcomm -- quic_mobile_station_modem_kernel | The CONFIG_STRICT_MEMORY_RWX implementation for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly consider certain memory sections, which makes it easier for attackers to bypass intended access restrictions by leveraging the presence of RWX memory at a fixed location. | 2014-02-15 | 9.3 | CVE-2013-4737 |

Medium Severity Vulnerabilities

| The Primary Vendor --- Product | Description | Date Published | CVSS Score | The CVE Identity |
|---|---|---|---|---|
| apache -- subversion | The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the server root and request methods other than GET, as demonstrated by the "svn ls http://svn.example.com" command. | 2014-02-14 | 4.3 | CVE-2014-0032 |
| apple -- iphone_os | The iCloud subsystem in Apple iOS before 7.1 allows physically proximate attackers to bypass an intended password requirement, and turn off the Find My iPhone service or complete a Delete Account action and then associate this service with a different Apple ID account, by entering an arbitrary iCloud Account Password value and a blank iCloud Account Description value. | 2014-02-18 | 4.9 | CVE-2014-2019 |
| bandisoft -- bandizip | Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. | 2014-02-14 | 6.9 | CVE-2014-1680 |
| bean_project -- bean | Cross-site scripting (XSS) vulnerability in the Bean module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via the bean title. | 2014-02-14 | 4.3 | CVE-2013-4499 |
| ca -- 2e_web_option | CA 2E Web Option r8.1.2 accepts a predictable substring of a W2E_SSNID session token in place of the entire token, which allows remote attackers to hijack sessions by changing characters at the end of this substring, as demonstrated by terminating a session via a modified SSNID parameter to web2edoc/close.htm. | 2014-02-14 | 5.1 | CVE-2014-1219 |
| cisco -- unified_communications_manager | The Real Time Monitoring Tool (RTMT) web application in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote attackers to read application files via a direct request to a URL, aka Bug ID CSCum46495. | 2014-02-20 | 5.0 | CVE-2014-0732 |
| cisco -- unified_communications_manager | The Enterprise License Manager (ELM) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote attackers to read ELM files via a direct request to a URL, aka Bug ID CSCum46494. | 2014-02-20 | 5.0 | CVE-2014-0733 |
| cisco -- unified_communications_manager | Cross-site scripting (XSS) vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum46470. | 2014-02-20 | 4.3 | CVE-2014-0735 |
| cisco -- unified_communications_manager | Cross-site request forgery (CSRF) vulnerability in the Call Detail Records Analysis and Reporting (CAR) page in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make CAR modifications, aka Bug ID CSCum46468. | 2014-02-20 | 6.8 | CVE-2014-0736 |
| citrix -- sharefile_mobile | Citrix ShareFile Mobile and ShareFile Mobile for Tablets before 2.4.4 for Android do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2014-02-21 | 5.8 | CVE-2014-1910 |
| dell -- sonicwall_analyzer | Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inject arbitrary web script or HTML via the node_id parameter in a ScreenDisplayManager genNetwork action. | 2014-02-14 | 4.3 | CVE-2014-0332 |
| ecryptfs -- ecryptfs-utils | utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call. | 2014-02-15 | 4.6 | CVE-2011-1831 |
| ecryptfs -- ecryptfs-utils | The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps. | 2014-02-15 | 4.4 | CVE-2011-1835 |
| ecryptfs -- ecryptfs-utils | utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process. | 2014-02-15 | 4.6 | CVE-2011-1836 |
| emc -- rsa_bsafe_ssl-j | The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to cause a denial of service (memory consumption) by triggering application-data processing during the TLS handshake, a time at which the data is internally buffered. | 2014-02-17 | 5.0 | CVE-2014-0625 |
| emc -- rsa_bsafe_ssl-j | The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 make it easier for remote attackers to bypass intended cryptographic protection mechanisms by triggering application-data processing during the TLS handshake, a time at which the data is both unencrypted and unauthenticated. | 2014-02-17 | 5.0 | CVE-2014-0626 |
| emc -- rsa_bsafe_ssl-j | The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to trigger the selection of a weak cipher suite by using the wrap method during a certain incomplete-handshake state. | 2014-02-17 | 5.0 | CVE-2014-0627 |
| feep -- libtar | Multiple directory traversal vulnerabilities in the (1) tar_extract_glob and (2) tar_extract_all functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files via a .. (dot dot) in a crafted tar file. | 2014-02-20 | 5.8 | CVE-2013-4420 |
| fine_free_file_project -- fine_free_file | Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file. | 2014-02-18 | 5.0 | CVE-2014-1943 |
| google -- chrome | Google Chrome before 29 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response. | 2014-02-15 | 6.8 | CVE-2013-6166 |
| ibm -- sametime | The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 does not send the appropriate HTTP response headers to prevent unwanted caching by a web browser, which allows remote attackers to obtain sensitive information by leveraging an unattended workstation. | 2014-02-14 | 5.0 | CVE-2013-3978 |
| ibm -- sametime | The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | 2014-02-14 | 6.8 | CVE-2013-3988 |
| internet2 -- opensaml | The (1) BasicParserPool, (2) StaticBasicParserPool, (3) XML Decrypter, and (4) SAML Decrypter in Shibboleth OpenSAML-Java before 2.6.1 set the expandEntityReferences property to true, which allows remote attackers to conduct XML external entity (XXE) attacks via a crafted XML DOCTYPE declaration. | 2014-02-14 | 5.0 | CVE-2013-6440 |
| linux -- linux_kernel | The do_devinfo_ioctl function in drivers/staging/comedi/comedi_fops.c in the Linux kernel before 3.1 allows local users to obtain sensitive information from kernel memory via a copy of a short string. | 2014-02-15 | 4.9 | CVE-2011-2909 |
| litech -- router_advertisement_daemon | The process_rs function in the router advertisement daemon (radvd) before 1.8.2, when UnicastOnly is enabled, allows remote attackers to cause a denial of service (temporary service hang) via a large number of ND_ROUTER_SOLICIT requests. | 2014-02-17 | 5.0 | CVE-2011-3605 |
| livezilla -- livezilla | Multiple cross-site scripting (XSS) vulnerabilities in the web based operator client in LiveZilla before 5.1.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name of an uploaded file or (2) customer name in a resource created from an uploaded file, a different vulnerability than CVE-2013-7003. | 2014-02-14 | 4.3 | CVE-2013-7032 |
| mozilla -- firefox | Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response. | 2014-02-15 | 6.8 | CVE-2013-6167 |
| mozilla -- seamonkey | Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in an IFRAME element, a related issue to CVE-2014-2018. | 2014-02-17 | 4.3 | CVE-2013-6674 |
| mozilla -- seamonkey | Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in a (1) OBJECT or (2) EMBED element, a related issue to CVE-2013-6674. | 2014-02-17 | 4.3 | CVE-2014-2018 |
| openstack -- swift | The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2014-02-18 | 5.8 | CVE-2013-6396 |
| php -- php | The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper. | 2014-02-15 | 5.0 | CVE-2012-1171 |
| php -- php | Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a heap-based buffer overflow. | 2014-02-18 | 6.8 | CVE-2013-7226 |
| php -- php | The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check return values, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments that lead to use of a NULL pointer as a return value, a different vulnerability than CVE-2013-7226. | 2014-02-18 | 6.8 | CVE-2013-7327 |
| php -- php | Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226. | 2014-02-18 | 5.8 | CVE-2013-7328 |
| php -- php | ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x dimension value, a different vulnerability than CVE-2013-7226. | 2014-02-18 | 5.0 | CVE-2014-2020 |
| phpmyfaq -- phpmyfaq | Cross-site request forgery (CSRF) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to hijack the authentication of arbitrary users for requests that modify settings. | 2014-02-14 | 6.8 | CVE-2014-0813 |
| phpmyfaq -- phpmyfaq | Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2014-02-14 | 4.3 | CVE-2014-0814 |
| puppetlabs -- puppet | Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote authenticated Puppet nodes to read or modify the resources of other nodes via unspecified vectors. | 2014-02-17 | 5.5 | CVE-2011-0528 |
| redhat -- kexec-tools | The SSH configuration in the mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, disables the StrictHostKeyChecking option, which allows man-in-the-middle attackers to spoof kdump servers, and obtain sensitive core information, by using an arbitrary SSH key. | 2014-02-15 | 5.7 | CVE-2011-3588 |
| redhat -- kexec-tools | The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, uses world-readable permissions for vmcore files, which allows local users to obtain sensitive information by inspecting the file content, as demonstrated by a search for a root SSH key. | 2014-02-15 | 5.7 | CVE-2011-3589 |
| redhat -- kexec-tools | The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, includes all of root's SSH private keys within a vmcore file, which allows context-dependent attackers to obtain sensitive information by inspecting the file content. | 2014-02-15 | 5.7 | CVE-2011-3590 |
| redhat -- sos | The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes (1) Certificate-based private entitlement keys and the (2) private key for the entitlement in an archive of debugging information, which might allow remote attackers to obtain sensitive information by reading the archive. | 2014-02-17 | 4.3 | CVE-2011-4083 |
| redhat -- network_satellite | Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) whereCriteria variable in a software channels search; (2) end_year, (3) start_hour, (4) end_am_pm, (5) end_day, (6) end_hour, (7) end_minute, (8) end_month, (9) end_year, (10) optionScanDateSearch, (11) result_filter, (12) search_string, (13) show_as, (14) start_am_pm, (15) start_day, (16) start_hour, (17) start_minute, (18) start_month, (19) start_year, or (20) whereToSearch variable in an scap audit results search; (21) end_minute, (22) end_month, (23) end_year, (24) errata_type_bug, (25) errata_type_enhancement, (26) errata_type_security, (27) fineGrained, (28) list_1892635924_sortdir, (29) optionIssueDateSearch, (30) start_am_pm, (31) start_day, (32) start_hour, (33) start_minute, (34) start_month, (35) start_year, or (36) view_mode variable in an errata search; or (37) fineGrained variable in a systems search, related to PAGE_SIZE_LABEL_SELECTED. | 2014-02-14 | 4.3 | CVE-2013-4415 |
| rubyonrails -- ruby_on_rails | SQL injection vulnerability in activerecord/lib/active_record/connection_adapters//cast.rb in Active Record in Ruby on Rails 4.0.x before 4.0.3, and 4.1.0.beta1, when PostgreSQL is used, allows remote attackers to execute "add data" SQL commands via vectors involving \ (backslash) characters that are not properly handled in operations on array columns. | 2014-02-20 | 6.8 | CVE-2014-0080 |
| rubyonrails -- ruby_on_rails | Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject arbitrary web script or HTML via the (1) format, (2) negative_format, or (3) units parameter to the (a) number_to_currency, (b) number_to_percentage, or (c) number_to_human helper. | 2014-02-20 | 4.3 | CVE-2014-0081 |
| rubyonrails -- ruby_on_rails | actionpack/lib/action_view/template/text.rb in Action View in Ruby on Rails 3.x before 3.2.17 converts MIME type strings to symbols during use of the :text option to the render method, which allows remote attackers to cause a denial of service (memory consumption) by including these strings in headers. | 2014-02-20 | 5.0 | CVE-2014-0082 |
| ryan_ohara -- piranha | The Piranha Configuration Tool in Piranha 0.8.6 does not properly restrict access to webpages, which allows remote attackers to bypass authentication and read or modify the LVS configuration via an HTTP POST request. | 2014-02-14 | 5.8 | CVE-2013-6492 |
| sap -- netweaver | The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors. | 2014-02-14 | 5.0 | CVE-2014-1960 |
| sap -- netweaver | Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver allows remote attackers to obtain sensitive path information via unknown attack vectors. | 2014-02-14 | 5.0 | CVE-2014-1961 |
| sap -- customer_relationship_management | Gwsync in SAP CRM 7.02 EHP 2 allows remote attackers to obtain sensitive information via unspecified vectors, related to an XML External Entity (XXE) issue. | 2014-02-14 | 5.0 | CVE-2014-1962 |
| sap -- netweaver | Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 allows remote attackers to cause a denial of service via unknown attack vectors. | 2014-02-14 | 5.0 | CVE-2014-1963 |
| sap -- netweaver | Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error. | 2014-02-14 | 4.3 | CVE-2014-1964 |
| sap -- netweaver | Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP. | 2014-02-14 | 4.3 | CVE-2014-1965 |
| ubuntu -- metal_as_a_service | Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the op parameter to nodes/. | 2014-02-17 | 4.3 | CVE-2013-1070 |
| vtiger -- vtiger_crm | Cross-site scripting (XSS) vulnerability in vTiger CRM 5.4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) return_url parameter to modules\com_vtiger_workflow\savetemplate.php, or unspecified vectors to (2) deletetask.php, (3) edittask.php, (4) savetask.php, or (5) saveworkflow.php. | 2014-02-14 | 4.3 | CVE-2013-7326 |
| xen -- xen | Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen 4.1.x through 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xc_cpumap_alloc function, which allows local users with access to management functions to cause a denial of service (heap corruption) and possibly gain privileges via unspecified vectors. | 2014-02-14 | 4.6 | CVE-2014-1950 |

Low Severity Vulnerabilities

| The Primary Vendor --- Product | Description | Date Published | CVSS Score | The CVE Identity |
|---|---|---|---|---|
| apache -- tomcat | ** DISPUTED ** Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might allow local users to obtain sensitive information by reading a file. NOTE: One Tomcat distributor has stated "The tomcat log directory does not contain any sensitive information." | 2014-02-15 | 2.1 | CVE-2013-0346 |
| ecryptfs -- ecryptfs-utils | utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call. | 2014-02-15 | 2.1 | CVE-2011-1832 |
| ecryptfs -- ecryptfs-utils | utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call. | 2014-02-15 | 2.1 | CVE-2011-1834 |
| ecryptfs -- ecryptfs-utils | The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors. | 2014-02-15 | 3.6 | CVE-2011-1837 |
| hp -- linux_imaging_and_printing_project | HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses world-writable permissions for /var/log/hp and /var/log/hp/tmp, which allows local users to delete log files via standard filesystem operations. | 2014-02-15 | 2.1 | CVE-2012-6108 |
| ibm -- sametime | Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IMG element. | 2014-02-14 | 3.5 | CVE-2013-6743 |
| openstack -- image_registry_and_delivery_service_(glance) | OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARNING level logging is enabled, which allows local users to obtain sensitive information by reading the log. | 2014-02-14 | 2.6 | CVE-2014-1948 |
| phpmyadmin -- phpmyadmin | Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action. | 2014-02-20 | 3.5 | CVE-2014-1879 |
| redhat -- network_satellite | Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) subject or (2) content values of a note in a system.addNote XML-RPC call. | 2014-02-14 | 3.5 | CVE-2012-6149 |
| redhat -- network_satellite | Cross-site scripting (XSS) vulnerability in account/EditAddress.do in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary web script or HTML via the type parameter. | 2014-02-14 | 3.5 | CVE-2013-1871 |
| redhat -- jboss_enterprise_application_platform | Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server, when run under a security manager, do not properly restrict access to the Modular Service Container (MSC) service registry, which allows local users to modify the server via a crafted deployment. | 2014-02-14 | 1.9 | CVE-2014-0018 |
| shemminger -- iproute2 | iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by (1) configure or (2) examples/dhcp-client-script. | 2014-02-15 | 3.3 | CVE-2012-1088 |
| ubuntu -- metal_as_a_service | Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file. | 2014-02-17 | 2.1 | CVE-2013-1069 |

• Sources: http://nvd.nist.gov (for more information, visit the National Vulnerability Database (NVD), which contains a database of every vulnerability that has ever been published).