Computer Security
[EN] securityvulns.ru no-pyccku


BullGuard antiviral applications authentication bypass
updated since 10.05.2015
Published:11.05.2015
Source:
SecurityVulns ID:14453
Type:local
Threat Level:
6/10
Description:Access limitation are checked in client application.
Original documentdocumentmatthias.deeg_(at)_syss.de, [SYSS-2015-019] BullGuard Antivirus - Authentication Bypass (10.05.2015)
 documentmatthias.deeg_(at)_syss.de, [SYSS-2015-018] BullGuard Premium Protection - Authentication Bypass (10.05.2015)
 documentmatthias.deeg_(at)_syss.de, [SYSS-2015-017] BullGuard Internet Security - Authentication Bypass (10.05.2015)

squid insufficient certificate validation
Published:11.05.2015
Source:
SecurityVulns ID:14454
Type:m-i-t-m
Threat Level:
5/10
Description:Insufficient check for server certificate.
Affected:SQUID : squid 3.4
CVE:CVE-2015-3455 (Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, does not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate.)
Original documentdocumentMANDRIVA, [ MDVSA-2015:230 ] squid (11.05.2015)

libicu security vulnerabilities
Published:11.05.2015
Source:
SecurityVulns ID:14455
Type:library
Threat Level:
8/10
Description:Buffer overflow, integer overflow.
Affected:ICU : libicu 55
CVE:CVE-2014-8147 (The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.)
 CVE-2014-8146 (The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.)
Original documentdocumentPedro Ribeiro, [CVE-2014-8146/8147] - ICU heap and integer overflows / I-C-U-FAIL (11.05.2015)

EMC RSA Identity Management and Governance password reset
Published:11.05.2015
Source:
SecurityVulns ID:14456
Type:remote
Threat Level:
5/10
Description:Weak password reset procedure.
Affected:RSA : Identity Management and Governance 6.9
CVE:CVE-2015-0532 (EMC RSA Identity Management and Governance (IMG) 6.9 before P04 and 6.9.1 before P01 does not properly restrict password resets, which allows remote attackers to obtain access via crafted use of the reset process for an arbitrary valid account name, as demonstrated by a privileged account.)
Original documentdocumentEMC, ESA-2015-078: RSA® Identity Management and Governance (IMG) Insecure Password Reset Vulnerability (11.05.2015)

HP Capture and Route information disclosure
Published:11.05.2015
Source:
SecurityVulns ID:14457
Type:remote
Threat Level:
5/10
Affected:HP : HP Capture and Route 1.3
CVE:CVE-2015-2115 (Unspecified vulnerability in HP Capture and Route Software (HPCR) 1.3 before Patch 7, 1.3 FP1 before Patch 1, and 1.4 before Patch 1 allows remote authenticated users to obtain sensitive information via unknown vectors.)
Original documentdocumentHP, [security bulletin] HPSBPI03315 rev.1 - HP Capture and Route Software, Remote Information Disclosure (11.05.2015)

InFocus projectors authentication bypass
Published:11.05.2015
Source:
SecurityVulns ID:14458
Type:remote
Threat Level:
5/10
Description:Few authentication bypass possibilities.
Affected:INFOCUS : InFocus IN3128HD
CVE:CVE-2014-8384 (The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request.)
 CVE-2014-8383 (The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication via a direct request to main.html.)
Original documentdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, [CORE-2015-0008] - InFocus IN3128HD Projector Multiple Vulnerabilities (11.05.2015)

F5 BIG-IQ information disclosure
Published:11.05.2015
Source:
SecurityVulns ID:14459
Type:remote
Threat Level:
5/10
Description:User accounts information disclosure.
Affected:F5 : BIG-IQ 0.0
Original documentdocumentjplopezy_(at)_gmail.com, F5 BIG-IQ Enumeration of users and Information Disclosure (11.05.2015)

Cisco UCS Central code execution
Published:11.05.2015
Source:
SecurityVulns ID:14460
Type:remote
Threat Level:
5/10
Description:Code execution via web interface.
Affected:CISCO : UCS Central Software 1.2
CVE:CVE-2015-0701 (Cisco UCS Central Software before 1.3(1a) allows remote attackers to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCut46961.)
Files:Cisco Security Advisory Cisco UCS Central Software Arbitrary Command Execution Vulnerability

Filezilla FTP server bounce attack
Published:11.05.2015
Source:
SecurityVulns ID:14461
Type:remote
Threat Level:
5/10
Description:DATA connection IP address is not restricted.
Affected:FILEZILLA : Filezilla FTP server 0.9
Original documentdocumentAmit Klein, Advisory: Filezilla FTP server is vulnerable to FTP PORT bounce (11.05.2015)

SonicWall SonicOS crossite scripting
Published:11.05.2015
Source:
SecurityVulns ID:14463
Type:remote
Threat Level:
5/10
Affected:SONICWALL : SonicOS 7.5
Original documentdocumentVulnerability Lab, SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability (11.05.2015)

HP TippingPoint Security Management System / TippingPoint Virtual Security Management System code execution
Published:11.05.2015
Source:
SecurityVulns ID:14464
Type:remote
Threat Level:
6/10
Description:Code execution via web interface.
Affected:HP : TippingPoint Security Management System 4.2
 HP : TippingPoint Virtual Security Management System 4.2
CVE:CVE-2015-2117 (HP TippingPoint Security Management System (SMS) and TippingPoint Virtual Security Management System (vSMS) before 4.1 patch 3 and 4.2 before patch 1 do not require authentication for JBoss RMI requests, which allows remote attackers to execute arbitrary code by (1) uploading this code within an archive or (2) instantiating a class.)
Original documentdocumentHP, [security bulletin] HPSBGN03308 rev.1 - HP TippingPoint Security Management System (SMS) and TippingPoint Virtual Security Management System (vSMS), Remote Code Execution (11.05.2015)

HP Data Protector multiple security vulnerabilities
Published:11.05.2015
Source:
SecurityVulns ID:14465
Type:remote
Threat Level:
5/10
Description:DoS, code execution, privilege escalation.
Affected:HP : HP Storage Data Protector 7.03
CVE:CVE-2015-2116 (Unspecified vulnerability in HP Storage Data Protector 7.x before 7.03 build 107 allows remote authenticated users to execute arbitrary code or cause a denial of service via unknown vectors.)
Original documentdocumentHP, [security bulletin] HPSBMU03321 rev.1 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code (11.05.2015)

HP Integrated Lights-Out multiple security vulnereabilities
Published:11.05.2015
Source:
SecurityVulns ID:14466
Type:remote
Threat Level:
6/10
Description:Code execution, privilege escalation, DoS, restrictions bypass.
Affected:HP : iLO 2
 HP : iLO 3
 HP : iLO 4
CVE:CVE-2015-2106 (Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors.)
 CVE-2014-7876 (Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors.)
Original documentdocumentHP, [security bulletin] HPSBHF03151 rev.1 - HP Integrated Lights-Out 2 and 4 (iLO 2, iLO 4), Chassis Management (iLO CM), Remote Denial of Service, Remote Execution of Code, Elevation of Privilege (11.05.2015)

HP Operations Orchestration authentication bypass
Published:11.05.2015
Source:
SecurityVulns ID:14467
Type:remote
Threat Level:
5/10
CVE:CVE-2015-2109 (Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors.)
Original documentdocumentHP, [security bulletin] HPSBMU03292 rev.1 - HP Operations Orchestration Authentication Bypass (11.05.2015)

dcraw / libraw integer overflow
Published:11.05.2015
Source:
SecurityVulns ID:14468
Type:library
Threat Level:
6/10
Description:Integer overflow in ljpeg_start().
Affected:LIBRAW : libraw 0.16
 DCRAW : dcraw 7.0
Original documentdocumentAndrea Barisani, [oCERT-2015-006] dcraw input sanitization errors (11.05.2015)

zeromq3 / libzmq downgrade attack
Published:11.05.2015
Source:
SecurityVulns ID:14469
Type:library
Threat Level:
5/10
Description:Protocol version downgrade attack is possible.
Affected:ZEROMQ : zeromq3 4.0
Original documentdocumentDEBIAN, [SECURITY] [DSA 3255-1] zeromq3 security update (11.05.2015)

HP SDN VAN Controller DoS
Published:11.05.2015
Source:
SecurityVulns ID:14470
Type:remote
Threat Level:
5/10
Affected:HP : HP SDN VAN Controller 2.5
CVE:CVE-2015-2122 (The REST layer on HP SDN VAN Controller devices 2.5 and earlier allows remote attackers to cause a denial of service via network traffic to the REST port.)
 CVE-2014-0050 (MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.)
Original documentdocumentHP, [security bulletin] HPSBGN03329 rev.1 - HP SDN VAN Controller, Remote Denial of Service (DoS), Distributed Denial of Service (DDoS) (11.05.2015)

suricata DoS
Published:11.05.2015
Source:
SecurityVulns ID:14471
Type:remote
Threat Level:
5/10
Description:Crash on SSL certificate parsing.
Affected:SURICATA : suricata 2.0
CVE:CVE-2015-0971 (The DER parser in Suricata before 2.0.8 allows remote attackers to cause a denial of service (crash) via vectors related to SSL/TLS certificates.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 3254-1] suricata security update (11.05.2015)

Network Virtualization for HP LoadRunner and Performance Center information disclosure
Published:11.05.2015
Source:
SecurityVulns ID:14472
Type:remote
Threat Level:
5/10
Affected:HP : Network Virtualization for HP LoadRunner and Performance Center 11.52
CVE:CVE-2015-2121 (HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the (1) HttpServlet or (2) NetworkEditorController component, aka ZDI-CAN-2569.)
Original documentdocumentHP, [security bulletin] HPSBGN03328 rev.1 - Network Virtualization for HP LoadRunner and Performance Center, Remote Information Disclosure (11.05.2015)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:11.05.2015
Source:
SecurityVulns ID:14473
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WORDPRESS : embed-articles 7.0
 WORDPRESS : Simple Ads Manager 2.6
 WORDPRESS : AB Google Map Travel 3.4
 JQUERY : jqueryui 1.10
 MANAGEENGINE : Device Expert 5.9
 WORDPRESS : Ultimate Profile Builder 2.3
 WORDPRESS : Twenty Fifteen 4.2
 MANAGEENGINE : Asset Explorer 6.1
 EPICOR : CRS Retail Store 3.2
 PFSENSE : pfSense 2.2
 WORDPRESS : Ultimate Product Catalogue 3.1
 VBULLETIN : vBulletin 4.2
 FRONTRANGE : FrontRange DSM 7.2
 DJANGO : django 1.7
 NTOP : ntop 4.1
 WING : Wing FTP Server Admin 4.4
 WORDPRESS : Add Link to Facebook 1.215
 WORDPRESS : WP Statistics 9.1
 WORDPRESS : videowhisper-video-presentation 3.31
 WORDPRESS : videowhisper-video-conference-integration 4.91
 OVERCOFEE : Instant 2.0
 PLIGG : Pligg CMS 2.0
 SQLBUDDY : Sqlbuddy 1.3
 PRIMCORE : Pimcore 3.0
 WORDPRESS : Ad Buttons 2.3
 WORDPRESS : ClickBank Ads 1.7
 WORDPRESS : Ad Inserter 1.5
 WORDPRESS : eShop 6.3
 WORDPRESS : TheCartPress 1.3
 WORDPRESS : Wordpress 4.2
 ALIENVAULT : Alienvault OSSIM/USM 5.0
 TORNADO : Tornado Content Management System 2015 Q2
 NODEJS : nodejs 0.10
 DRUPAL : drupal 7.32
CVE:CVE-2015-3440 (Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type.)
 CVE-2015-3439 (Cross-site scripting (XSS) vulnerability in the Ephox (formerly Moxiecode) plupload.flash.swf shim 2.1.2 in Plupload, as used in WordPress 3.9.x, 4.0.x, and 4.1.x before 4.1.2 and other products, allows remote attackers to execute same-origin JavaScript functions via the target parameter, as demonstrated by executing a certain click function, related to _init.as and _fireEvent.as.)
 CVE-2015-3438 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 4.1.2, when MySQL is used without strict mode, allow remote attackers to inject arbitrary web script or HTML via a (1) four-byte UTF-8 character or (2) invalid character that reaches the database layer, as demonstrated by a crafted character in a comment.)
 CVE-2015-3429 (Cross-site scripting (XSS) vulnerability in example.html in Genericons before 3.3.1, as used in WordPress before 4.2.2, allows remote attackers to inject arbitrary web script or HTML via a fragment identifier.)
 CVE-2015-3421
 CVE-2015-3302
 CVE-2015-3301 (Directory traversal vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote administrators to read arbitrary files via a .. (dot dot) in the tcp_box_path parameter in the checkout_editor_settings page to wp-admin/admin.php.)
 CVE-2015-3300 (Multiple cross-site scripting (XSS) vulnerabilities in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allow remote attackers to inject arbitrary web script or HTML via the (1) billing_firstname, (2) billing_lastname, (3) billing_company, (4) billing_tax_id_number, (5) billing_city, (6) billing_street, (7) billing_street_2, (8) billing_postcode, (9) billing_telephone_1, (10) billing_telephone_2, (11) billing_fax, (12) shipping_firstname, (13) shipping_lastname, (14) shipping_company, (15) shipping_tax_id_number, (16) shipping_city, (17) shipping_street, (18) shipping_street_2, (19) shipping_postcode, (20) shipping_telephone_1, (21) shipping_telephone_2, (22) shipping_fax to shopping-cart/checkout/; (23) search_by parameter in the admin/AddressesList.php page to wp-admin/admin.php; (24) address_id, (25) address_name, (26) firstname, (27) lastname, (28) street, (29) city, (30) postcode, or (31) email parameter in the admin/AddressEd)
 CVE-2015-2825 (Unrestricted file upload vulnerability in sam-ajax-admin.php in the Simple Ads Manager plugin before 2.5.96 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the directory specified by the path parameter.)
 CVE-2015-2824 (Multiple SQL injection vulnerabilities in the Simple Ads Manager plugin before 2.7.97 for WordPress allow remote attackers to execute arbitrary SQL commands via a (1) hits[][] parameter in a sam_hits action to sam-ajax.php; the (2) cstr parameter in a load_posts action to sam-ajax-admin.php; the (3) searchTerm parameter in a load_combo_data action to sam-ajax-admin.php; or the (4) subscriber, (5) contributor, (6) author, (7) editor, (8) admin, or (9) sadmin parameter in a load_users action to sam-ajax-admin.php.)
 CVE-2015-2755 (Multiple cross-site request forgery (CSRF) vulnerabilities in the AB Google Map Travel (AB-MAP) plugin before 4.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) lat (Latitude), (2) long (Longitude), (3) map_width, (4) map_height, or (5) zoom (Map Zoom) parameter in the ab_map_options page to wp-admin/admin.php.)
 CVE-2015-2317 (The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL.)
 CVE-2015-2316 (The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the input string.)
 CVE-2015-2295 (Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before 2.2.1 allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deletefile parameter.)
 CVE-2015-2294 (Multiple cross-site scripting (XSS) vulnerabilities in the WebGUI in pfSense before 2.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) zone parameter to status_captiveportal.php; (2) if or (3) dragtable parameter to firewall_rules.php; (4) queue parameter in an add action to firewall_shaper.php; (5) id parameter in an edit action to services_unbound_acls.php; or (6) filterlogentries_time, (7) filterlogentries_sourceipaddress, (8) filterlogentries_sourceport, (9) filterlogentries_destinationipaddress, (10) filterlogentries_interfaces, (11) filterlogentries_destinationport, (12) filterlogentries_protocolflags, or (13) filterlogentries_qty parameter to diag_logs_filter.php.)
 CVE-2015-2210
 CVE-2015-0278 (libuv before 0.10.34 does not properly drop group privileges, which allows context-dependent attackers to gain privileges via unspecified vectors.)
 CVE-2014-4165 (Cross-site scripting (XSS) vulnerability in ntop allows remote attackers to inject arbitrary web script or HTML via the title parameter in a list action to plugins/rrdPlugin.)
 CVE-2010-5312 (Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.)
Original documentdocumentjoelvarghese7_(at)_gmail.com, Pligg CMS 2.0.2 - Stored XSS (11.05.2015)
 documentHigh-Tech Bridge Security Research, Arbitrary file deletion and multiple XSS vulnerabilities in pfSense (11.05.2015)
 documentUBUNTU, [USN-2539-1] Django vulnerabilities (11.05.2015)
 documentFilippo Cavallarin, DokuWiki persistent Cross Site Scripting (11.05.2015)
 documentkingkaustubh_(at)_me.com, Reflected XSS Vulnerability in XSS In Manage Engine Device Expert (11.05.2015)
 documentkingkaustubh_(at)_me.com, Stored XSS Vulnerability In Manage Engine Device Expert (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF to add admin user Vulnerability In Manage Engine Device Expert (11.05.2015)
 documentkingkaustubh_(at)_me.com, Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Network Configuration (11.05.2015)
 documentDEBIAN, [SECURITY] [DSA 3200-1] drupal7 security update (11.05.2015)
 documentBHG Security Center, vBulletin 4.x.x 'visitormessage.php' Remote Code Injection Vulnerability (11.05.2015)
 documentSteevee a.k.a Stefanus, Instant v2.0 SQL Injection Vulnerability (11.05.2015)
 documentLuca Ercoli, Remote File Upload Vulnerability in WordPress Ultimate Product Catalogue Plugin (11.05.2015)
 documentapparitionsec_(at)_gmail.com, CSRF & XSS Wing FTP Server Admin <= v4.4.5 (11.05.2015)
 documentMANDRIVA, [ MDVSA-2015:216 ] ntop (11.05.2015)
 documentmatthias.deeg_(at)_syss.de, [SYSS-2014-007] FrontRange DSM - Multiple Vulnerabilities (11.05.2015)
 documentwebmaster_(at)_josephzeng.com, Code Injection in Epicor Retail Store 3.2.03.01.008 (11.05.2015)
 documentDEBIAN, [SECURITY] [DSA 3249-1] jqueryui security update (11.05.2015)
 documentMANDRIVA, [ MDVSA-2015:228 ] nodejs (11.05.2015)
 documentVulnerability Lab, TORNADO Computer Trading CMS - SQL Injection Vulnerability (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/XSS In Manage Engine Asset Explorer (11.05.2015)
 documentPeter Lapp, Alienvault OSSIM/USM Multiple Vulnerabilities (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/Stored XSS Vulnerability in AB Google Map Travel (AB-MAP) Wordpress Plugin (11.05.2015)
 documentkingkaustubh_(at)_me.com, CVE-2015-2755 WordPress AB Google Map Travel CSRF / XSS (11.05.2015)
 documentitas.team_(at)_itas.vn, Wordpress plugin Simple Ads Manager - Arbitrary File Upload (11.05.2015)
 documentitas.team_(at)_itas.vn, Wordpress plugin Simple Ads Manager - Multiple SQL Injection (11.05.2015)
 documentitas.team_(at)_itas.vn, Wordpress plugin Simple Ads Manager - SQL Injection (11.05.2015)
 documentlarry0_(at)_me.com, Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8 (11.05.2015)
 documentlarry0_(at)_me.com, Remote file upload vulnerability in wordpress plugin videowhisper-video-presentation v3.31.17 (11.05.2015)
 documentkingkaustubh_(at)_me.com, Wordpress WP Statistics persistent cross site scripting (11.05.2015)
 documentkumarrohit2255_(at)_gmail.com, Stored Cross Site Scripting Vulnerability in Add Link to Facebook WordPress Plugin (11.05.2015)
 documentJouko Pynnonen, WordPress 4.2 stored XSS (11.05.2015)
 documentDEBIAN, [SECURITY] [DSA 3250-1] wordpress security update (11.05.2015)
 documentHigh-Tech Bridge Security Research, Multiple Vulnerabilities in TheCartPress WordPress plugin (11.05.2015)
 documentHigh-Tech Bridge Security Research, Arbitrary Variable Overwrite in eShop WordPress Plugin (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/XSS In Embed ArticlesWordpress Plugin (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/XSSIn Ad_InSerter Wordpress (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/XSS In ClickBank ads Wordpress Plugin (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/XSS In Ultimate Profile Builder by CMSLive Wordpress Plugin (11.05.2015)
 documentOnur Yilmaz, Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429 (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/XSS In Ad_Button Wordpress (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/XSS in embed-articles Wordpress Plugin (11.05.2015)
 documentVulnerability Lab, Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities (11.05.2015)
 documentapparitionsec_(at)_gmail.com, Sqlbuddy Directory Traversal Read Arbitrary Files Vulnerability (11.05.2015)
 documenthyp3rlinx_(at)_altervista.org, Sqlbuddy Path Traversal Vulnerability (11.05.2015)

mono security vulnerabilities
Published:11.05.2015
Source:
SecurityVulns ID:14474
Type:library
Threat Level:
6/10
Description:Multiple TLS related vulnerabilities.
Affected:MONO : mono 3.2
CVE:CVE-2015-2320
 CVE-2015-2319
 CVE-2015-2318
Original documentdocumentDEBIAN, [SECURITY] [DSA 3202-1] mono security update (11.05.2015)

Apache libbatik XXE
Published:11.05.2015
Source:
SecurityVulns ID:14475
Type:library
Threat Level:
5/10
Description:XXE on SVG parsing.
Affected:APACHE : batik 1.7
CVE:CVE-2015-0250 (XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.)
Original documentdocumentUBUNTU, [USN-2548-1] Batik vulnerability (11.05.2015)

Apache Tomcat security vulnerabilities
updated since 11.05.2015
Published:17.05.2015
Source:
SecurityVulns ID:14462
Type:library
Threat Level:
5/10
Description:Resources exhaustion, restrictions bypass.
Affected:APACHE : Tomcat 8.0
CVE:CVE-2014-7810 (The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.)
 CVE-2014-0230 (Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (memory consumption) via a series of aborted upload attempts.)
Original documentdocumentAPACHE, [SECURITY] CVE-2014-7810: Apache Tomcat Security Manager Bypass (17.05.2015)
 documentAPACHE, [SECURITY] CVE-2014-0230: Apache Tomcat DoS (11.05.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod