3695 matches found
Citrix NetScaler and Access Gateway Enterprise Edition unauthorized access to network resources vulnerability
Overview Citrix NetScaler and Access Gateway Enterprise Edition contain a vulnerability which could result in unauthorized access to network resources. Description Citrix NetScaler and Access Gateway Enterprise Edition contain a vulnerability which could allow a remote attacker to gain unauthoriz...
avast! Mobile Security Android application denial-of-service vulnerability
Overview avast! Mobile Security Android application version 2.0.3587, and possibly earlier versions, contains a denial-of-service vulnerability. Description avast! Mobile Security version 2.0.3587 crashes if an Intent is sent to com.avast.android.mobilesecurity.app.scanner.DeleteFileActivity with...
BitZipper 2013 memory-corruption vulnerability
Overview BitZipper 2013 contains a memory-corruption vulnerability, which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Description BitZipper 2013 contains a memory-corruption vulnerability, which may allow a remote unauthenticated attacker to execu...
pd-admin contains cross-site scripting vulnerabilities
Overview pd-admin, a web interface for users of hosting providers, is susceptible to cross-site scripting XSS vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' pd-admin contains cross-site scripting XSS vulnerabilities. The...
Arecont Vision model AV1355DN camera vulnerable to denial of service
Overview The Arecont Vision model AV1355DN MegaDome surveillance camera is reported to be affected by a denial-of-service vulnerability by sending a UDP packet to port 69 on the device. Description The Arecont Vision model AV1355DN MegaDome surveillance camera is reported to be affected by a...
Plesk Panel 11.0.9 privilege escalation vulnerabilities
Overview Plesk Panel 11.0.9 and possibly earlier versions contains multiple privilege escalation vulnerabilities. Description Plesk Panel contains multiple privilege escalation vulnerabilities which may allow an attacker to run arbitrary code as the root user. Special-case rules in Plesk's custom...
AirDroid web interface XSS vulnerability
Overview AirDroid web interface contains an XSS vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' The AirDroid web interface fails to sanitize malicious code within a text message on the target phone causing the script to be execut...
PHP Address Book sqli vulnerability
Overview PHP Address Book web application is vulnerable to multiple SQL injection vulnerabilities. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' PHP Address Book 8.2.5 and possibly older versions fail to sanitize input from multiple...
NVIDIA UNIX GPU driver ARGB cursor buffer overflow in "NoScanout" mode
Overview NVIDIA UNIX video drivers contain a buffer overflow vulnerability when run in NoScanout mode. Description The NVIDIA security advisory states: NVIDIA UNIX GPU Driver ARGB Cursor Buffer Overflow in "NoScanout" Mode. When the NVIDIA driver for the X Window System is operated in "NoScanout"...
C2 WebResource web interface XSS vulnerability
Overview The C2 WebResource web interface contains an XSS vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' The C2 WebResource web interface is vulnerable to XSS on the following URL and parameter:...
The TigerText Free Consumer Private Texting App (iOS) sends unencrypted user information in support requests
Overview The TigerText Free Consumer Private Texting App iOS sends unencrypted user information to TigerText support. Description The TigerText app generates an unencrypted log file containing the TigerText username and password on the device when a user taps on "Contact Customer Support." An ema...
NVIDIA Windows video card drivers contain multiple vulnerabilities
Overview NVIDIA video card drivers contain multiple vulnerabilities. Description The NVIDIA security advisory states: CVE-2013-0109: NVIDIA Display Driver Service Vulnerability Due to an issue identified with the NVIDIA driver, a malicious actor could – by forcing exceptions and overwriting memory...
CoreFTP contains a buffer overflow vulnerability
Overview CoreFTP contains a buffer overflow when parsing long directory names. Description CoreFTP is susceptible to a buffer overflow when parsing long directory names from a malicious FTP server. The LIST, VIEW, commands are vulnerable to a denial of service and the DELE command has been report...
Askiaweb survey application contains multiple vulnerabilities
Overview The Askiaweb survey application contains multiple vulnerabilities. Description The Askiaweb survey application contains multiple vulnerabilities. CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' - CVE-2013-0123 The administration interface for the...
Verizon Fios Actiontec model MI424WR-GEN3I router vulnerable to cross-site request forgery
Overview The Verizon FIOS Actiontec router model MI424WR-GEN3I is susceptible to cross-site request forgery attacks. CWE-352 Description The Verizon FIOS Actiontec router model MI424WR-GEN3I is susceptible to cross-site request forgery attacks. CWE-352 A remote attacker that is able to trick a us...
Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL
Overview Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL 0.9.8o. Description Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier uses OpenSSL for SSL/TLS encryption. The version of OpenSSL that comes with the Fiery...
HP LaserJet Professional printer telnet debug shell vulnerability
Overview Certain HP LaserJet Professional printers contain a telnet debug shell which could allow a remote attacker to gain unauthorized access to data. Description Certain HP LaserJet Professional printers contain a telnet debug shell which could allow a remote attacker to gain unauthorized acce...
GroundWork Monitor Enterprise contains multiple vulnerabilities
Overview GroundWork Monitor Enterprise 6.7.0 and possibly earlier versions contain multiple vulnerabilities. Description The SEC Consult Vulnerability Lab Security Advisory states: The following vulnerability description has been categorized into the components where the vulnerabilities have been...
Oracle Java contains multiple vulnerabilities
Overview Oracle Java 7 Update 15, Java 6 Update 41, Java 5.0 Update 40, and earlier versions contain a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Oracle Java Runtime Environment JRE allows users to run Java...
Dell PowerConnect 6248P series switch denial of service vulnerability
Overview Dell PowerConnect 6248P series switches contain a denial of service vulnerability when parsing malformed requests. Description Dell PowerConnect 6248P series switches contain a denial of service vulnerability when parsing malformed requests which could cause the switch to crash and becom...
CS-Cart v3.0.4 configured with PayPal Standard Payments design vulnerability
Overview CS-Cart v3.0.4 and possibly other versions configured with PayPal Standard Payment is susceptible to a client-side attack that results in an attacker purchasing items without having to pay for them. Description It has been reported that CS-Cart v3.0.4 configured with PayPal Standard...
Adobe Reader and Acrobat memory corruption vulnerabilities
Overview Adobe Reader and Acrobat 11.0.01 and earlier, 10.1.5 and earlier, and 9.5.3 and earlier contain memory corruption vulnerabilities. Description The Adobe security bulletin APSB13-07 states: Adobe has released security updates for Adobe Reader and Acrobat XI 11.0.01 and earlier for Windows...
Nuance PDF viewing products contain multiple vulnerabilities
Overview Nuance PDF viewing products contain multiple memory-corruption vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Nuance provides two similar PDF viewing products called PDF Reader and PDF Viewer Plus. Both of...
Oracle Java contains multiple vulnerabilities
Overview Java 7 Update 11, Java 6 Update 38, and earlier versions of Java contain vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Oracle Java Runtime Environment JRE allows users to run Java applications in a...
Portable SDK for UPnP Devices (libupnp) contains multiple buffer overflows in SSDP
Overview The Portable SDK for UPnP Devices libupnp library contains multiple buffer overflow vulnerabilities. Devices that use libupnp may also accept UPnP queries over the WAN interface, therefore exposing the vulnerabilities to the internet. Description Universal Plug and Play UPnP is a set of...
Ruby on Rails 3.0 and 2.3 JSON Parser vulnerability
Overview The Ruby on Rails 3.0 and 2.3 JSON parser contains a vulnerability that may result in arbitrary code execution. Description The Ruby on Rails advisory states: There is a vulnerability in the JSON code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitra...
SUSE WebYaST remotely accessible hosts list vulnerability
Overview The WebYaST hosts list is remotely accessible by unauthenticated attackers. An attacker may be able to add a malicious host to the list and perform a man-in-the-middle attack against WebYaST. Description The SUSE security advisory states: The hosts list used by WebYaST for connecting to...
Foxit Advanced PDF Editor 3 contains a stack buffer overrun vulnerability
Overview Foxit Advanced PDF Editor 3, and possibly earlier versions, contains a stack buffer overrun vulnerability. Description Foxit Advanced PDF Editor 3, and possibly earlier versions, contains a stack buffer overrun vulnerability that may be exploited by an attacker that is able to successful...
DOMIT! RSS testing_domitrss.php discloses local files
Overview A vulnerability in DOMIT! RSS allows an attacker to read local files. Description DOMIT! RSS is an RSS parser for PHP. DOMIT! RSS includes a test script called testing_domitrss.php. This script writes out the contents of any user-supplied URL to a local file named the MD5 hash of the URL...
TP-LINK TL-WR841N wireless router local file inclusion vulnerability
Overview The TP-LINK TL-WR841N wireless router contains a local file inclusion vulnerability which could allow an attacker to download critical configuration files off the device. Description CWE-829: Inclusion of Functionality from Untrusted Control Sphere The TP-LINK TL-WR841N wireless router...
Java 7 fails to restrict access to privileged code
Overview Java 7 Update 10 and earlier versions of Java 7 contain a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Oracle Java Runtime Environment JRE 1.7 allows users to run Java applications in a browser or as...
Dell OpenManage Server Administrator version 7.1.0.1 DOM-based XSS vulnerability
Overview Dell OpenManage Server Administrator version 7.1.0.1 and earlier contains a DOM-based cross-site scripting vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' Dell OpenManage Server Administrator version 7.1.01 and earlier...
BigAnt IM Message server and components contain multiple vulnerabilities
Overview BigAnt IM Message server and components contain multiple vulnerabilities which could allow an attacker to perform administrative functions on the system. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' - CVE-2012-6273 During the SH...
Ruby on Rails Action Pack framework insecurely typecasts YAML and Symbol XML parameters
Overview The Ruby on Rails Action Pack framework is susceptible to authentication bypass, SQL injection, arbitrary code execution, or denial of service. Description The Ruby on Rails advisory states: "Multiple vulnerabilities in parameter parsing in Action Pack There are multiple weaknesses in the...
Microsoft Internet Explorer CButton use-after-free vulnerability
Overview Microsoft Internet Explorer contains a use-after-free vulnerability in the CButton object, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer contains a use-after-free vulnerability in the mshtml...
Adobe Shockwave player vulnerable to downgrading
Overview Adobe Shockwave Player may automatically install a legacy version of the runtime, which can increase the attack surface of systems that have Shockwave installed. Description Adobe Macromedia Shockwave Player is software that plays active web content developed in Macromedia and Adobe...
Adobe Shockwave player installs Xtras without prompting
Overview Adobe Shockwave Player installs Xtras that are signed by Adobe or Macromedia without prompting, which can allow an attacker to target vulnerabilities in older Xtras. Description Adobe Macromedia Shockwave Player is software that plays active web content developed in Macromedia and Adobe...
Adobe Shockwave player provides vulnerable Flash runtime
Overview Adobe Shockwave Player 12.1.1.151 and earlier versions on the Windows and Macintosh operating systems provide a vulnerable version of the Flash runtime. Description Adobe Macromedia Shockwave Player is software that plays active web content developed in Macromedia and Adobe Director...
Huawei E585 pocket wifi 2 device contains multiple vulnerabilities
Overview The Huawei E585 pocket wifi 2 device contains multiple vulnerabilities which could allow an attacker to perform administrative functions on the device. Description The Huawei E585 pocket wifi 2 device contains multiple vulnerabilities which could allow an attacker to perform administrati...
Centreon 2.3.3 through 2.3.9-4 blind sqli injection vulnerability.
Overview Centreon 2.3.3 through 2.3.9-4 contains a blind SQL injection vulnerability. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' Centreon 2.3.3 through 2.3.9-4 contains a blind SQL injection vulnerability. The vulnerability is found withi...
D-Link DSL2730U router restricted telnet shell command whitelisting bypass
Overview D-Link DSL2730U routers contain a restricted telnet shell with limited allowed commands. An authenticated attacker can chain unauthorized commands through authorized commands in order to bypass the command whitelisting. Description CWE-78: Improper Neutralization of Special Elements used...
IBM Power 5 Service Processor privilege escalation vulnerability
Overview IBM Power 5 Service Processor contains a vulnerability which could allow an attacker to operate with elevated privileges. Description IBM's security advisory states, "A security issue has been identified on IBM Power 5 Systems such that the firewall code does not get executed in certain...
Qualcomm Android OS kernel privilege escalation and denial of service vulnerabilities
Overview Android OS kernels running on certain Qualcomm devices contain multiple vulnerabilities which could allow an attacker to cause privilege escalation or Denial of Service DoS. Description The Qualcomm Innovation Center, Inc. advisory states: Summary: A locally installed application can caus...
ManageEngine AssetExplorer fails to properly sanitize XML asset data submission
Overview ManageEngine AssetExplorer version 5.6.0 build number 5610 and possibly older versions is vulnerable to multiple stored XSS vulnerabilities via XML asset data submission. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' ManageEngine...
Samsung Printer firmware contains a hardcoded SNMP community string
Overview Samsung printers contain a hardcoded SNMP community string that could allow a remote attacker to take control of an affected device. Description Samsung printers as well as some Dell printers manufactured by Samsung contain a hardcoded SNMP full read-write community string that remains...
Autonomy Keyview IDOL contains multiple vulnerabilities in file parsers
Overview Autonomy Keyview IDOL contains multiple vulnerabilities in file parsers. These vulnerabilities could allow a remote attacker to execute arbitrary code on an affected system. Description Autonomy Keyview IDOL is a set of libraries that can decode over 1,000 different file formats. The...
Novell File Reporter contains multiple vulnerabilities
Overview Novell File Reporter 1.0.2 contains multiple vulnerabilities including a heap overflow, arbitrary file retrieval, and arbitrary file upload. Description The Rapid7 advisory states: CVE-2012-4956 - Heap Overflow When handling requests of name "SRS", the NFRAgent.exe fails to generate a...
Dell OpenManage Server Administrator contains a cross-site scripting vulnerability
Overview Dell OpenManage Server Administrator version 7.1 and earlier contains a cross-site scripting vulnerability. Description Dell OpenManage Server Administrator version 7.1 and earlier contains a cross-site scripting vulnerability CWE-79. --- Impact A remote attacker may be able to execute...
Vanilla Forums version 2.1.a26 contains a parameter manipulation vulnerability
Overview Vanilla Forums version 2.1.a26 and possibly other versions is vulnerable to parameter manipulation via the "edit profile" page of authenticated users. Description CWE-280: Improper Handling of Insufficient Permissions or Privileges Vanilla Forums version 2.1.a26 and possibly other version...
Oberthur smart cards generate weak certificates
Overview A flaw has been identified in Oberthur ID-One COSMO 64, v5.2 and v5.2a smart cards, which results in public keys that do not satisfy the requirements of the Digital Signature Standard as specified in FIPS PUB 186-3 and its predecessors. Description Oberthur ID-One COSMO 64, v5.2 and v5.2...