Computer Security
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 19.01.2014
SecurityVulns ID: 13533
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:
 PIVOTAL : Spring 3.2
 PIVOTAL : Spring 4.0
 MOVABLETYPE : Movable Type 6.0
 MOVABLETYPE : Movable Type 5.2
 QPULSE : Q-Pulse 0.6
 PLONE : Plone 4.3
 JOOMLA : Sexy Polling 1.0
 NAGIOS : Nagios 3.5
 NAGIOS : Nagios 4.0
 ICINGA : Icinga 1.10
CVE:
 CVE-2014-1238
 CVE-2014-0977 (Cross-site scripting (XSS) vulnerability in the Rich Text Editor in Movable Type 5.0x, 5.1x before 5.161, 5.2.x before 5.2.9, and 6.0.x before 6.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2013-7219 (SQL injection vulnerability in vote.php in the 2Glux Sexy Polling (com_sexypolling) component before 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the answer_id[] parameter.)
 CVE-2013-7205 (Off-by-one error in the process_cgivars function in contrib/daemonchk.c in Nagios Core 3.5.1, 4.0.2, and earlier allows remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list, which triggers a heap-based buffer over-read.)
 CVE-2013-7108 (Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list to the process_cgivars function in (1) avail.c, (2) cmd.c, (3) config.c, (4) extinfo.c, (5) histogram.c, (6) notifications.c, (7) outages.c, (8) status.c, (9) statusmap.c, (10) summary.c, and (11) trends.c in cgi/, which triggers a heap-based buffer over-read.)
 CVE-2013-6430
 CVE-2013-6429 (The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.)
 CVE-2013-4200 (The isURLInPortal method in the URLTool class in in_portal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows remote attackers to bypass the allow_external_login_sites filtering property, redirect users to arbitrary web sites, and conduct phishing attacks via a space before a URL in the "next" parameter to acl_users/credentials_cookie_auth/require_login.)
 CVE-2013-4152 (The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.)
Original documents:
 ali.hussein_(at)_helpag.com, [CVE-2014-1238] Cross Site Scripting (XSS) in q-pulse application (19.01.2014)
 DEBIAN, [SECURITY] [DSA 2841-1] movabletype-opensource security update (19.01.2014)
 Pivotal Security Team, CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete (19.01.2014)
 Pivotal Security Team, CVE-2013-6430 Possible XSS when using Spring MVC (19.01.2014)
 Alexandre Herzog, CVE-2013-4200 - Plone URL redirection / Forwarding of cookie data (session hijack) in certain browsers (19.01.2014)
 High-Tech Bridge Security Research, SQL Injection in Sexy Polling Joomla Extension (19.01.2014)
 MANDRIVA, [ MDVSA-2014:004 ] nagios (19.01.2014)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod