ID CVE-2014-1869 Type cve Reporter NVD Modified 2017-08-28T21:34:27
Description
Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web script or HTML via vectors related to certain SWF query parameters (aka loaderInfo.parameters).
{"result": {"nessus": [{"id": "FREEBSD_PKG_549A277149CC11E4AE2CC80AA9043978.NASL", "type": "nessus", "title": "FreeBSD : jenkins -- remote execution, privilege escalation, XSS, password exposure, ACL hole, DoS (549a2771-49cc-11e4-ae2c-c80aa9043978)", "description": "Jenkins Security Advisory :\n\nPlease reference CVE/URL list for details", "published": "2014-10-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=78017", "cvelist": ["CVE-2014-3666", "CVE-2014-3680", "CVE-2014-3667", "CVE-2014-1869", "CVE-2014-3661", "CVE-2014-3678", "CVE-2014-3681", "CVE-2014-3679", "CVE-2013-2186", "CVE-2014-3663", "CVE-2014-3664", "CVE-2014-3662"], "lastseen": "2017-10-29T13:37:07"}, {"id": "JENKINS_1_583.NASL", "type": "nessus", "title": "Jenkins < 1.583 / 1.565.3 and Jenkins Enterprise 1.532.x / 1.554.x / 1.565.x < 1.532.10.1 / 1.554.10.1 / 1.565.3.1 Multiple Vulnerabilities", "description": "The remote web server hosts a version of Jenkins (open source) or CloudBees Jenkins Enterprise that is affected by multiple vulnerabilities :\n\n - An error exists related to file upload processing that allows a remote attacker to overwrite arbitrary files.\n (CVE-2013-2186)\n\n - An input validation error exists related to the included 'ZeroClipboard' component that allows cross-site scripting attacks. (CVE-2014-1869)\n\n - An error exists related to 'CLI handshake' handling that allows denial of service attacks. (CVE-2014-3661)\n\n - An error exists related to handling login attempts using non-existent or incorrect account names that allows a remote attacker to enumerate application user names.\n (CVE-2014-3662)\n\n - An error exists related to handling users having 'Job/CONFIGURE' permissions that allows such users to perform actions meant only for 'Job/CREATE' permissions.\n (CVE-2014-3663)\n\n - An error exists related to handling users having 'Overall/READ' permissions that allows directory traversal attacks. (CVE-2014-3664)\n\n - An error exists related to the 'CLI channel' that allows arbitrary code execution by a remote attacker on the Jenkins master. (CVE-2014-3666)\n\n - An error exists related to handling users having 'Overall/READ' permissions that allows plugin source code to be disclosed. (CVE-2014-3667)\n\n - An input validation error exists related to the 'Monitoring' plugin that allows cross-site scripting attacks. (CVE-2014-3678)\n\n - An error exists related to the 'Monitoring' plugin that allows unauthorized access to sensitive information.\n (CVE-2014-3679)\n\n - An error exists related to handling users having 'Job/READ' permissions that allows such users to obtain default passwords belonging to parameterized jobs. (CVE-2014-3680)\n\n - An unspecified input validation error allows cross-site scripting attacks. (CVE-2014-3681)", "published": "2014-11-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=78859", "cvelist": ["CVE-2014-3666", "CVE-2014-3680", "CVE-2014-3667", "CVE-2014-1869", "CVE-2014-3661", "CVE-2014-3678", "CVE-2014-3681", "CVE-2014-3679", "CVE-2013-2186", "CVE-2014-3663", "CVE-2014-3664", "CVE-2014-3662"], "lastseen": "2017-10-29T13:35:05"}], "freebsd": [{"id": "549A2771-49CC-11E4-AE2C-C80AA9043978", "type": "freebsd", "title": "jenkins -- remote execution, privilege escalation, XSS, password exposure, ACL hole, DoS", "description": "\nJenkins Security Advisory:\n\nPlease reference CVE/URL list for details\n\n", "published": "2014-10-01T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/549a2771-49cc-11e4-ae2c-c80aa9043978.html", "cvelist": ["CVE-2014-3666", "CVE-2014-3680", "CVE-2014-3667", "CVE-2014-1869", "CVE-2014-3661", "CVE-2014-3678", "CVE-2014-3681", "CVE-2014-3679", "CVE-2013-2186", "CVE-2014-3663", "CVE-2014-3664", "CVE-2014-3662"], "lastseen": "2017-09-29T19:53:35"}], "archlinux": [{"id": "ASA-201410-2", "type": "archlinux", "title": "jenkins: multiple issues", "description": "- SECURITY-87/CVE-2014-3661 (anonymous DoS attack through CLI handshake)\nThis vulnerability allows unauthenticated users with access to Jenkins'\nHTTP/HTTPS port to mount a DoS attack on Jenkins through thread exhaustion.\n\n- SECURITY-110/CVE-2014-3662 (User name discovery)\nAnonymous users can test if the user of a specific name exists or not\nthrough login attempts.\n\n- SECURITY-127&128/CVE-2014-3663 (privilege escalation in job\nconfiguration permission)\nAn user with a permission limited to Job/CONFIGURE can exploit this\nvulnerability to effectively create a new job, which should have been\nonly possible for users with Job/CREATE permission, or to destroy jobs\nthat he/she does not have access otherwise.\n\n- SECURITY-131/CVE-2014-3664 (directory traversal attack)\nUsers with Overall/READ permission can access arbitrary files in the\nfile system readable by the Jenkins process, resulting in the exposure\nof sensitive information, such as encryption keys.\n\n- SECURITY-138/CVE-2014-3680 (Password exposure in DOM)\nIf a parameterized job has a default value in a password field, that\ndefault value gets exposed to users with Job/READ permission.\n\n- SECURITY-143/CVE-2014-3681 (XSS vulnerability in Jenkins core)\nReflected cross-site scripting vulnerability in Jenkins core. An\nattacker can navigate the user to a carefully crafted URL and have the\nuser execute unintended actions.\n\n- SECURITY-150/CVE-2014-3666 (remote code execution from CLI)\nUnauthenticated user can execute arbitrary code on Jenkins master by\nsending carefully crafted packets over the CLI channel.\n\n- SECURITY-155/CVE-2014-3667 (exposure of plugin code)\nPrograms that constitute plugins can be downloaded by anyone with the\nOverall/READ permission, resulting in the exposure of otherwise\nsensitive information, such as hard-coded keys in plugins, if any.\n\n- SECURITY-159/CVE-2013-2186 (arbitrary file system write)\nSecurity vulnerability in commons fileupload allows unauthenticated\nattacker to upload arbitrary files to Jenkins master.\n\n- SECURITY-149/CVE-2014-1869 (XSS vulnerabilities in ZeroClipboard)\nreflective XSS vulnerability in one of the library dependencies of Jenkins.\n\n- SECURITY-113/CVE-2014-3678 (XSS vulnerabilities in monitoring plugin)\nMonitoring plugin allows an attacker to cause a victim into executing\nunwanted actions on Jenkins instance.\n\n- SECURITY-113/CVE-2014-3679 (hole in access control)\nCertain pages in monitoring plugin are visible to anonymous users,\nallowing them to gain information that they are not supposed to.", "published": "2014-10-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html", "cvelist": ["CVE-2014-3666", "CVE-2014-3680", "CVE-2014-3667", "CVE-2014-1869", "CVE-2014-3661", "CVE-2014-3678", "CVE-2014-3681", "CVE-2014-3679", "CVE-2013-2186", "CVE-2014-3663", "CVE-2014-3664", "CVE-2014-3662"], "lastseen": "2016-09-02T18:44:35"}], "redhat": [{"id": "RHSA-2016:0070", "type": "redhat", "title": "(RHSA-2016:0070) Important: Red Hat OpenShift Enterprise 3.1.1 bug fix and enhancement update", "description": "OpenShift Enterprise by Red Hat is the company's cloud computing \nPlatform-as-a-Service (PaaS) solution designed for on-premise or \nprivate cloud deployments.\n\nThe following security issues are addressed with this release:\n\nAn authorization flaw was discovered in Kubernetes; the API server \ndid not properly check user permissions when handling certain \nrequests. An authenticated remote attacker could use this flaw to \ngain additional access to resources such as RAM and disk space. \n(CVE-2016-1905)\n\nAn authorization flaw was discovered in Kubernetes; the API server \ndid not properly check user permissions when handling certain build-\nconfiguration strategies. A remote attacker could create build \nconfigurations with strategies that violate policy. Although the \nattacker could not launch the build themselves (launch fails when \nthe policy is violated), if the build configuration files were later \nlaunched by other privileged services (such as automated triggers), \nuser privileges could be bypassed allowing attacker escalation. \n(CVE-2016-1906)\n\nAn update for Jenkins Continuous Integration Server that addresses a \nlarge number of security issues including XSS, CSRF, information \ndisclosure and code execution have been addressed as well. \n(CVE-2013-2186, CVE-2014-1869, CVE-2014-3661, CVE-2014-3662\nCVE-2014-3663, CVE-2014-3664, CVE-2014-3666, CVE-2014-3667\nCVE-2014-3680, CVE-2014-3681, CVE-2015-1806, CVE-2015-1807\nCVE-2015-1808, CVE-2015-1810, CVE-2015-1812, CVE-2015-1813\nCVE-2015-1814, CVE-2015-5317, CVE-2015-5318, CVE-2015-5319\nCVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323\nCVE-2015-5324, CVE-2015-5325, CVE-2015-5326 ,CVE-2015-7537\nCVE-2015-7538, CVE-2015-7539, CVE-2015-8103)\n\nSpace precludes documenting all of the bug fixes and enhancements in \nthis advisory. See the OpenShift Enterprise 3.1 Release Notes, which \nwill be updated shortly for release 3.1.1, for details about these \nchanges:\n\nhttps://docs.openshift.com/enterprise/3.1/release_notes/ose_3_1_release_notes.html\n\nAll OpenShift Enterprise 3 users are advised to upgrade to these \nupdated packages.", "published": "2016-01-27T00:01:15", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:0070", "cvelist": ["CVE-2014-3666", "CVE-2014-3680", "CVE-2014-3667", "CVE-2015-5323", "CVE-2016-1906", "CVE-2015-1814", "CVE-2015-1806", "CVE-2015-1812", "CVE-2015-1808", "CVE-2015-7537", "CVE-2014-1869", "CVE-2014-3661", "CVE-2014-3681", "CVE-2015-7539", "CVE-2015-1810", "CVE-2015-7538", "CVE-2013-2186", "CVE-2015-5324", "CVE-2015-5319", "CVE-2015-1807", "CVE-2014-3663", "CVE-2015-5322", "CVE-2015-5317", "CVE-2015-5321", "CVE-2015-5320", "CVE-2015-5318", "CVE-2015-5326", "CVE-2016-1905", "CVE-2015-1813", "CVE-2015-5325", "CVE-2014-3664", "CVE-2015-8103", "CVE-2014-3662"], "lastseen": "2016-09-04T11:17:42"}]}}