SB15-131: Vulnerability Summary for the Week of May 04, 2015

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Title: SB15-131: Vulnerability Summary for the Week of May 04, 2015

NCCIC / US-CERT

National Cyber Awareness System:

SB15-131: Vulnerability Summary for the Week of May 04, 2015
05/11/2015 06:15 AM EDT

Original release date: May 11, 2015

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Primary
Vendor -- Product		DescriptionPublishedCVSS ScoreSource & Patch Info
alienvault -- unified_security_management The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file (.cfg). 2015-05-01 9.3 CVE-2015-3446
CONFIRM
MISC
cisco -- unified_computing_system_central_software Cisco UCS Central Software 1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCut46961. 2015-05-06 10.0 CVE-2015-0701
CISCO
emc -- autostart ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 allows remote attackers to execute arbitrary commands via crafted packets. 2015-05-06 9.3 CVE-2015-0538
CERT-VN
BUGTRAQ
google -- chrome Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.135 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. 2015-05-01 7.5 CVE-2015-1250
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
realtek -- realtek_sdk The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request. 2015-05-01 10.0 CVE-2014-8361
MISC
CONFIRM
samsung -- samsung_security_manager Samsung Security Manager (SSM) before 1.31 allows remote attackers to execute arbitrary code by uploading a file with an HTTP (1) PUT or (2) MOVE request. 2015-05-01 10.0 CVE-2015-3435
MISC
MISC
Back to top

Medium Vulnerabilities

Primary
Vendor -- Product		DescriptionPublishedCVSS ScoreSource & Patch Info
apple -- safari WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154. 2015-05-07 6.8 CVE-2015-1152
CONFIRM
APPLE
apple -- safari WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1154. 2015-05-07 6.8 CVE-2015-1153
CONFIRM
APPLE
apple -- safari WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1153. 2015-05-07 6.8 CVE-2015-1154
CONFIRM
APPLE
apple -- safari The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site. 2015-05-07 4.3 CVE-2015-1155
CONFIRM
APPLE
apple -- safari The page-loading implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not properly handle the rel attribute in an A element, which allows remote attackers to bypass the Same Origin Policy for a link's target, and spoof the user interface, via a crafted web site. 2015-05-07 4.3 CVE-2015-1156
CONFIRM
APPLE
cisco -- finesse Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse Server 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCut53595. 2015-05-02 4.3 CVE-2015-0714
CISCO
cisco -- unity_connection SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCut33447 and CSCut33608. 2015-05-06 6.5 CVE-2015-0715
CISCO
cisco -- unity_connection Cross-site request forgery (CSRF) vulnerability in the CUCReports page in Cisco Unity Connection 11.0(0.98000.225) and 11.0(0.98000.332) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut33659. 2015-05-06 6.8 CVE-2015-0716
CISCO
dell -- sonicwall_secure_remote_access_firmware Cross-site request forgery (CSRF) vulnerability in the user portal in Dell SonicWALL Secure Remote Access (SRA) products with firmware before 7.5.1.0-38sv and 8.x before 8.0.0.1-16sv allows remote attackers to hijack the authentication of users for requests that create bookmarks via a crafted request to cgi-bin/editBookmark. 2015-05-01 6.8 CVE-2015-2248
CONFIRM
MISC
elasticsearch -- elasticsearch Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors. 2015-05-01 4.3 CVE-2015-3337
CONFIRM
BUGTRAQ
DEBIAN
emc -- sourceone_email_management EMC SourceOne Email Management before 7.2 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. 2015-05-06 5.0 CVE-2015-0531
BUGTRAQ
foxitsoftware -- enterprise_reader Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted GIF in a PDF file. 2015-05-01 4.3 CVE-2015-3632
EXPLOIT-DB
CONFIRM
MISC
MISC
foxitsoftware -- enterprise_reader Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via vectors related to digital signatures. 2015-05-01 5.0 CVE-2015-3633
CONFIRM
haxx -- curl The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents. 2015-05-01 5.0 CVE-2015-3153
UBUNTU
DEBIAN
CONFIRM
ibm -- db2 IBM DB2 9.5 through 10.5 on Linux, UNIX, and Windows stores passwords during the processing of certain SQL statements by the monitoring and audit facilities, which allows remote authenticated users to obtain sensitive information via commands associated with these facilities. 2015-05-07 4.0 CVE-2014-0919
CONFIRM
AIXAPAR
AIXAPAR
AIXAPAR
AIXAPAR
AIXAPAR
ibm -- rational_license_key_server The Administration and Reporting Tool in IBM Rational License Key Server (RLKS) 8.1.4 before 8.1.4.7 allows remote authenticated users to read cookies via unspecified vectors. 2015-05-07 4.0 CVE-2015-1907
CONFIRM
python -- pillow The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image. 2015-05-01 5.0 CVE-2014-3598
CONFIRM
SUSE
redhat -- enterprise_virtualization_manager Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain. 2015-05-01 6.8 CVE-2015-0237
REDHAT
siemens -- homecontrol_for_room_automation The Siemens HomeControl for Room Automation application before 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information or modify data via a crafted certificate. 2015-05-07 5.4 CVE-2015-3610
CONFIRM
Back to top

Low Vulnerabilities

Primary
Vendor -- Product		DescriptionPublishedCVSS ScoreSource & Patch Info
kozos -- easyctf Cross-site scripting (XSS) vulnerability in EasyCTF before 1.4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. 2015-05-01 3.5 CVE-2015-0913
JVNDB
JVN
CONFIRM
redhat -- enterprise_virtualization_manager Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory. 2015-05-01 2.1 CVE-2015-0257
REDHAT
Back to top

This product is provided subject to this Notification and this Privacy & Use policy.

This email was sent to linux-security@xxxxxxxxxxx using GovDelivery, on behalf of: United States Computer Emergency Readiness Team (US-CERT) · 245 Murray Lane SW Bldg 410 · Washington, DC 20598 · (888) 282-0870 Powered by GovDelivery
[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux