The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:

vulnerability 13040

WordPress Plugin Link Farm Evolution, Search N Save: Cross Site Scripting of ZeroClipboard.swf

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in ZeroClipboard.swf of Link Farm Evolution and Search N Save for WordPress, in order to execute JavaScript code in the context of the web site.
Impacted products: WordPress Plugins ~ not comprehensive.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 03/07/2013.
Revision date: 08/07/2013.
Identifiers: VIGILANCE-VUL-13040.

Description of the vulnerability

The WordPress plugins Link Farm Evolution and Search N Save use the Flash program ZeroClipboard.swf.

However, ZeroClipboard.swf does not filter received data via its parameter id before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting in ZeroClipboard.swf of Link Farm Evolution and Search N Save for WordPress, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2013-4117

WordPress Category Grid View Gallery Plugin: Cross Site Scripting of /includes/CatGridPost.php

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in includes/CatGridPost.php of WordPress Category Grid View Gallery Plugin, in order to execute JavaScript code in the context of the web site.
Impacted products: WordPress Plugins ~ not comprehensive.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 03/07/2013.
Identifiers: BID-60905, CVE-2013-4117, VIGILANCE-VUL-13039.

Description of the vulnerability

The plugin Category Grid View Gallery is used to collect and show images from articles of a given category.

However, it does not filter the content of the parameter request ID in the page includes/CatGridPost.php before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting in includes/CatGridPost.php of WordPress Category Grid View Gallery Plugin, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin 13038

WordPress WP Feed Plugin: SQL injection of news_dt.php

Synthesis of the vulnerability

An attacker can use a SQL injection in news_dt.php of WordPress WP Feed Plugin, in order to read or alter data.
Impacted products: WordPress Plugins ~ not comprehensive.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: document.
Creation date: 03/07/2013.
Identifiers: BID-60904, VIGILANCE-VUL-13038.

Description of the vulnerability

WP Feed Plugin is used to generate RSS content for a WordPress based site.

However, the value of the HTTP request parameter nid for the page /news_dt.php is directly inserted into a SQL query.

An attacker can therefore use a SQL injection in news_dt.php of WordPress WP Feed Plugin, in order to read or alter data.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2013-2232

Linux kernel: denial of service via ip6_sk_dst_check

Synthesis of the vulnerability

An attacker can send IPv6 packets to an IPv4 destination from a Linux host, in order to trigger a denial of service.
Impacted products: Debian, Fedora, Linux, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES, ESX.
Severity: 1/4.
Consequences: denial of service on server.
Provenance: user shell.
Creation date: 03/07/2013.
Identifiers: CERTA-2013-AVI-412, CERTA-2013-AVI-494, CERTA-2013-AVI-498, CERTA-2013-AVI-657, CVE-2013-2232, DSA-2745-1, DSA-2766-1, ESX410-201312001, ESX410-201312401-SG, ESX410-201312403-SG, FEDORA-2013-12530, FEDORA-2013-12901, FEDORA-2013-12990, MDVSA-2013:194, openSUSE-SU-2013:1619-1, openSUSE-SU-2013:1773-1, openSUSE-SU-2013:1971-1, RHSA-2013:1166-01, RHSA-2013:1173-01, RHSA-2013:1195-01, RHSA-2013:1264-01, SUSE-SU-2013:1473-1, SUSE-SU-2013:1474-1, SUSE-SU-2014:0536-1, VIGILANCE-VUL-13037, VMSA-2013-0007.1, VMSA-2013-0015.

Description of the vulnerability

The Linux kernel allow a user program to use an IPv6 socket (of type PF_INET6) for communications with both IPv4 and IPv6 hosts.

The routines of the file net/ipv6/ip6_output.c are in charge of building and emitting IPv6 packets. The function ip6_sk_dst_check checks whether there is a suitable interface to send it. However, this routine assumes that the packet destination is an IPv6 address. When the destination is actually an IPv4 address, the function introduces a data item of a wrong type in the cache of the routine table, which leads to using invalid memory addresses, and then to a fatal exception.

An attacker can therefore send IPv6 packets to an IPv4 destination from a Linux host, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2012-2098 CVE-2012-3305 CVE-2012-4853

IBM WebSphere AS 6.1: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of IBM WebSphere AS 6.1.
Impacted products: WebSphere AS Traditional.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading, data creation/edition, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 23.
Creation date: 03/07/2013.
Revision date: 10/09/2013.
Identifiers: 1647522, BID-53676, BID-55678, BID-56458, BID-57508, BID-57509, BID-57510, BID-57512, BID-57513, BID-59247, BID-59248, BID-59250, BID-59251, BID-61901, BID-61937, BID-61940, BID-61941, BID-62336, BID-62338, BID-62339, CVE-2012-2098, CVE-2012-3305, CVE-2012-4853, CVE-2013-0169, CVE-2013-0458, CVE-2013-0459, CVE-2013-0460, CVE-2013-0461, CVE-2013-0462, CVE-2013-0541, CVE-2013-0542, CVE-2013-0543, CVE-2013-0544, CVE-2013-0596, CVE-2013-1768, CVE-2013-1862, CVE-2013-1896, CVE-2013-2967, CVE-2013-2976, CVE-2013-3029, CVE-2013-4005, CVE-2013-4052, CVE-2013-4053, PM62467, PM62920, PM71139, PM71389, PM72275, PM72536, PM73445, PM74909, PM75582, PM76886, PM78614, PM79937, PM79992, PM81846, PM82468, PM85211, PM86780, PM86786, PM86788, PM86791, PM87808, PM88208, PM88746, PM89996, PM90088, PM90949, PM91521, PM91892, swg27007951, VIGILANCE-VUL-13036.

Description of the vulnerability

Several vulnerabilities were announced in IBM WebSphere AS 6.1.

When a malicious application is deployed, script/executable files located outside the directory are overwritten. [severity:2/4; BID-55678, CVE-2012-3305, PM62467]

An attacker can generate a Cross Site Request Forgery of WASReqURL. [severity:2/4; BID-56458, CVE-2012-4853, PM62920]

An attacker can trigger a Cross Site Scripting. [severity:2/4; BID-57508, CVE-2013-0458, PM71139]

An attacker can trigger a Cross Site Scripting on VMM (Virtual Member Manager). [severity:1/4; BID-57509, CVE-2013-0461, PM71389]

An attacker can trigger a Cross Site Request Forgery. [severity:2/4; BID-57510, CVE-2013-0460, PM72275]

An attacker can trigger a Cross Site Scripting. [severity:2/4; BID-57512, CVE-2013-0459, PM72536]

An attacker can trigger a Cross Site Scripting in ISC, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-62339, CVE-2013-0596, PM73445]

An attacker can generate a buffer overflow in WebSphere Identity Manager, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-59247, CVE-2013-0541, PM74909]

An attacker can use Local OS, in order to escalate his privileges on HP, Linux and Solaris. [severity:3/4; BID-59251, CVE-2013-0543, PM75582]

An attacker can bypass security restrictions, in order to access to resources. [severity:3/4; BID-57513, CVE-2013-0462, PM76886, PM79937]

An attacker can trigger a Cross Site Scripting in the administration console, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-61941, CVE-2013-2967, PM78614]

An attacker can use an error in the cache management of the administration console, in order to obtain sensitive information. [severity:2/4; BID-61940, CVE-2013-2976, PM79992]

An attacker can trigger a Cross Site Scripting in Administrative Console, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-59248, CVE-2013-0542, PM81846]

An attacker can traverse directories on Unix, in order to read a file. [severity:2/4; BID-59250, CVE-2013-0544, PM82468]

An attacker can inject wrongly encrypted messages in a TLS/DTLS session in mode CBC, and measure the delay before the error message reception, in order to progressively guess the clear content of the session (VIGILANCE-VUL-12374). [severity:1/4; CVE-2013-0169, PM85211]

An attacker can deserialize an OpenJPA object, in order to create an executable file on the system (VIGILANCE-VUL-25898). [severity:2/4; CVE-2013-1768, PM86780, PM86786, PM86788, PM86791]

An attacker can use special characters, which are not filtered by mod_rewrite of Apache httpd 2.2, in order to inject them in the log file (VIGILANCE-VUL-12790). [severity:2/4; CVE-2013-1862, PM87808]

An attacker can trigger a Cross Site Scripting in the Administrative Console, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-61901, CVE-2013-4005, PM88208]

An attacker can trigger a Cross Site Request Forgery in WebSphere AS, in order to force the victim to perform operations. [severity:3/4; BID-61937, CVE-2013-3029, PM88746]

An attacker can send a MERGE query for mod_dav of Apache HTTP Server, in order to trigger a denial of service (VIGILANCE-VUL-13117). [severity:2/4; CVE-2013-1896, PM89996]

When an attacker can transmit data to compress by bzip2 to Apache Ant or Apache Commons Compress, he can create a denial of service (VIGILANCE-VUL-11654). [severity:1/4; BID-53676, CVE-2012-2098, PM90088]

An unknown vulnerability was announced in WS-SECURITY XML Digital Signature. [severity:2/4; BID-62338, CVE-2013-4053, PM90949, PM91521]

An attacker can trigger a Cross Site Scripting in UDDI Administrative Console, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-62336, CVE-2013-4052, PM91892]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2013-0169 CVE-2013-1768 CVE-2013-2967

IBM WebSphere AS 8.0: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of IBM WebSphere AS 8.0.
Impacted products: WebSphere AS Traditional.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading, data creation/edition, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 7.
Creation date: 03/07/2013.
Revision date: 19/08/2013.
Identifiers: BID-61901, BID-61935, BID-61937, BID-61940, BID-61941, CVE-2013-0169, CVE-2013-1768, CVE-2013-2967, CVE-2013-2976, CVE-2013-3029, CVE-2013-4004, CVE-2013-4005, PM78614, PM79992, PM81571, PM85211, PM86780, PM86786, PM86788, PM86791, PM88208, PM88746, swg21644047, VIGILANCE-VUL-13035.

Description of the vulnerability

Several vulnerabilities were announced in IBM WebSphere AS 8.0.

An attacker can trigger a Cross Site Scripting in the administration console, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-61941, CVE-2013-2967, PM78614]

An attacker can use an error in the cache management of the administration console, in order to obtain sensitive information. [severity:2/4; BID-61940, CVE-2013-2976, PM79992]

An attacker can trigger a Cross Site Scripting in the Administrative Console, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-61935, CVE-2013-4004, PM81571]

An attacker can inject wrongly encrypted messages in a TLS/DTLS session in mode CBC, and measure the delay before the error message reception, in order to progressively guess the clear content of the session (VIGILANCE-VUL-12374). [severity:1/4; CVE-2013-0169, PM85211]

An attacker can deserialize an OpenJPA object, in order to create an executable file on the system (VIGILANCE-VUL-25898). [severity:2/4; CVE-2013-1768, PM86780, PM86786, PM86788, PM86791]

An attacker can trigger a Cross Site Scripting in the Administrative Console, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-61901, CVE-2013-4005, PM88208]

An attacker can trigger a Cross Site Request Forgery in WebSphere AS, in order to force the victim to perform operations. [severity:3/4; BID-61937, CVE-2013-3029, PM88746]
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2013-2218

libvirt: use after free via virConnectListAllInterfaces

Synthesis of the vulnerability

An attacker can use a freed memory area in the virConnectListAllInterfaces function of libvirt, in order to trigger a denial of service, and possibly to execute code.
Impacted products: Unix (platform) ~ not comprehensive.
Severity: 2/4.
Consequences: user access/rights, denial of service on service.
Provenance: user shell.
Creation date: 02/07/2013.
Identifiers: 980112, BID-60876, CVE-2013-2218, VIGILANCE-VUL-13034.

Description of the vulnerability

The "iface-list" option of virsh lists interfaces via libvirt.

The virConnectListAllInterfaces() function of the src/interface/interface_backend_netcf.c file obtains the list. However, if a filter is applied, for exemple with the "--inactive" option, a pointer is freed twice.

An attacker can therefore use a freed memory area in the virConnectListAllInterfaces function of libvirt, in order to trigger a denial of service, and possibly to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2013-2234

Linux kernel: information disclosure via AF_KEY

Synthesis of the vulnerability

An attacker can use an AF_KEY socket, in order to obtain sensitive information on the Linux kernel.
Impacted products: Debian, Fedora, Linux, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES, ESX.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 02/07/2013.
Identifiers: CERTA-2013-AVI-412, CERTA-2013-AVI-498, CERTA-2013-AVI-657, CVE-2013-2234, DSA-2745-1, DSA-2766-1, ESX410-201312001, ESX410-201312401-SG, ESX410-201312403-SG, FEDORA-2013-12339, FEDORA-2013-12530, FEDORA-2013-12990, MDVSA-2013:194, openSUSE-SU-2013:1619-1, openSUSE-SU-2013:1773-1, openSUSE-SU-2013:1971-1, RHSA-2013:1166-01, RHSA-2013:1264-01, RHSA-2013:1645-02, SUSE-SU-2013:1473-1, SUSE-SU-2013:1474-1, SUSE-SU-2014:0536-1, VIGILANCE-VUL-13033, VMSA-2013-0007.1, VMSA-2013-0015.

Description of the vulnerability

Sockets of type AF_KEY are used to process Linux kernel cryptographic keys.

The key_notify_sa_flush() and key_notify_policy_flush() functions of the net/key/af_key.c file return an information message to the user. However, the message field "sadb_msg_reserved" (on two bytes) is not initialized before being returned.

An attacker can therefore use an AF_KEY socket, in order to obtain sensitive information on the Linux kernel.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2013-3383 CVE-2013-3384 CVE-2013-3385

Cisco Web Security Appliance: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Cisco Web Security Appliance.
Impacted products: AsyncOS, IronPort Web, Cisco WSA.
Severity: 3/4.
Consequences: user access/rights, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 02/07/2013.
Identifiers: cisco-sa-20130626-wsa, CSCzv24579, CSCzv44633, CSCzv58669, CSCzv63329, CSCzv69294, CSCzv78669, CSCzv85726, CVE-2013-3383, CVE-2013-3384, CVE-2013-3385, VIGILANCE-VUL-13032.

Description of the vulnerability

Several vulnerabilities were announced in Cisco Web Security Appliance.

An authenticated attacker can inject commands in the Web Framework. [severity:3/4; CSCzv69294, CVE-2013-3383]

An authenticated attacker can inject commands in the Web Framework. [severity:3/4; CSCzv24579, CSCzv44633, CSCzv85726, CVE-2013-3384]

A remote attacker can trigger a denial of service in the Graphical User Interface feature. [severity:2/4; CSCzv58669, CSCzv63329, CSCzv78669, CVE-2013-3385]
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2013-3384 CVE-2013-3385 CVE-2013-3386

Cisco Content Security Management Appliance: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Cisco Content Security Management Appliance.
Impacted products: AsyncOS, Cisco Content SMA, IronPort Management.
Severity: 3/4.
Consequences: user access/rights, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 02/07/2013.
Identifiers: cisco-sa-20130626-sma, CSCzv24579, CSCzv25573, CSCzv44633, CSCzv58669, CSCzv63329, CSCzv78669, CSCzv81712, CSCzv85726, CVE-2013-3384, CVE-2013-3385, CVE-2013-3386, VIGILANCE-VUL-13031.

Description of the vulnerability

Several vulnerabilities were announced in Cisco Content Security Management Appliance.

An authenticated attacker can inject commands in the Web Framework. [severity:3/4; CSCzv24579, CSCzv44633, CSCzv85726, CVE-2013-3384]

A remote attacker can trigger a denial of service in the IronPort Spam Quarantine feature. [severity:2/4; CSCzv25573, CSCzv81712, CVE-2013-3386]

A remote attacker can trigger a denial of service in the Graphical User Interface feature. [severity:2/4; CSCzv58669, CSCzv63329, CSCzv78669, CVE-2013-3385]
Full Vigil@nce bulletin... (Free trial)

Previous page   Next page

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1121 1141 1161 1181 1201 1221 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1261 1281 1301 1321 1341 1361 1381 1401 1421 1441 1461 1481 1501 1521 1541 1561 1581 1601 1621 1641 1661 1681 1701 1721 1741 1761 1781 1801 1821 1841 1861 1881 1901 1921 1941 1961 1981 2001 2021 2041 2061 2081 2101 2121 2141 2161 2181 2201 2221 2241 2261 2281 2301 2321 2341 2361 2381 2401 2421 2441 2461 2481 2501 2521 2541 2561 2581 2601 2621 2641 2661 2681 2701 2721 2741 2761 2781 2801 2821 2841 2846