The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:

threat bulletin CVE-2015-0203

qpid-cpp: denial of service via AMQP

Synthesis of the vulnerability

An attacker can force an assertion error in AMQP of qpid-cpp, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 22/06/2015.
Identifiers: CVE-2015-0203, FEDORA-2015-9503, FEDORA-2017-14f5c6cdac, FEDORA-2017-7bac3ba7c3, FEDORA-2017-f76bf63612, RHSA-2015:0660-01, RHSA-2015:0661-01, RHSA-2015:0662-01, RHSA-2015:0707-01, RHSA-2015:0708-01, VIGILANCE-VUL-17187.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force an assertion error in the AMQP protocol handling of qpid-cpp, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability 17186

pyjwt: signature spoofing

Synthesis of the vulnerability

An attacker can tweak the header and signature fields of a JWT token handled by pyjwt, in order to make it check ans accept a HMAC signature based on public data.
Severity: 2/4.
Creation date: 22/06/2015.
Identifiers: DSA-3293-1, FEDORA-2015-10249, FEDORA-2015-10350, VIGILANCE-VUL-17186.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can tweak the header and signature fields of a JWT token handled by pyjwt, in order to make it check ans accept a HMAC signature based on public data.

This vulnerability is a special case of the one described in VIGILANCE-VUL-16543.
Full Vigil@nce bulletin... (Free trial)

security weakness 17184

Magento: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Magento.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 19/06/2015.
Identifiers: VIGILANCE-VUL-17184.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Magento.

An attacker can trigger a Cross Site Scripting via the "filename" parameter, in order to execute JavaScript code in the context of the web site. [severity:2/4]

An attacker can trigger a Cross Site Request Forgery in the page "magento-connect/message/message/create/", in order to force the victim to perform operations. [severity:2/4]

An attacker can trigger a Cross Site Scripting in "theme.less.php", via the "general_front" parameter, in order to execute JavaScript code in the context of the web site. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)

cybersecurity vulnerability CVE-2015-4130

ungit: code execution via child_process.exec

Synthesis of the vulnerability

An attacker can use a vulnerability in child_process.exec of ungit, in order to execute code.
Severity: 2/4.
Creation date: 19/06/2015.
Identifiers: CVE-2015-4130, VIGILANCE-VUL-17183.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The ungit product offers a web service.

Ungit use child_process.exec to commit a new code. However, an attacker can inject command because of bad filtering.

An attacker can therefore inject commands in child_process.exec of ungit, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 17182

Joomla BeestoHelpDesk: information disclosure

Synthesis of the vulnerability

An attacker can bypass access restrictions to data of Joomla BeestoHelpDesk, in order to obtain sensitive information.
Severity: 1/4.
Creation date: 19/06/2015.
Identifiers: VIGILANCE-VUL-17182.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The BeestoHelpDesk extension can be installed on Joomla.

BeestoHelpDesk is a ticket support systel on joomla. However, an attacker can bypass access restrictions to data.

An attacker can therefore exploit the vulnerability of Joomla BeestoHelpDesk, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

security alert CVE-2015-3963

Wind River VxWorks: guessable TCP sequence numbers

Synthesis of the vulnerability

An attacker can guess the TCP sequence number of the Wind River VxWorks IP stack, in order to kill connections or hijack them.
Severity: 2/4.
Creation date: 19/06/2015.
Identifiers: CVE-2015-3963, ICSA-15-169-01, VIGILANCE-VUL-17181.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Wind River VxWorks product includes an IP stack.

The synchronization of the endpoint hosts about the TCP exchange status is based on sequence numbers included in the TCP packets. However, the sequence numbers selected by the IP stack of VxWorks are guessable. An attacker that can guess them can, without needing to intercept the normal traffic, close the connection of insert its own packets in the connection, for instance after the authentication phase.

An attacker can therefore guess the TCP sequence number of the Wind River VxWorks IP stack, in order to kill connections or hijack them.
Full Vigil@nce bulletin... (Free trial)

vulnerability note 17180

WordPress Theme Salem: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting of WordPress Salem theme, in order to execute JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 19/06/2015.
Identifiers: VIGILANCE-VUL-17180.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Salem theme can be installed on WordPress.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting of WordPress Salem theme, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

weakness 17179

WordPress Ultimate Member: Cross Site Scripting of the parameter "url"

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in "admin-ajax.php" of WordPress Ultimate Member, in order to execute JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 19/06/2015.
Identifiers: VIGILANCE-VUL-17179.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Ultimate Member plugin can be installed on WordPress.

However, it does not filter data received from the parameter "url" in the page "admin-ajax.php" before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting in "admin-ajax.php" of WordPress Ultimate Member, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer weakness announce 17178

WordPress Erident Custom Login and Dashboard: Cross Site Scripting of er-custom-login.php

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in "er-custom-login.php" of WordPress Erident Custom Login and Dashboard, in order to execute JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 19/06/2015.
Identifiers: VIGILANCE-VUL-17178.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Erident Custom Login and Dashboard plugin can be installed on WordPress.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting in er-custom-login.php of WordPress Erident Custom Login and Dashboard, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer weakness CVE-2015-5151

WordPress Revslider: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of WordPress Revslider.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 19/06/2015.
Identifiers: CVE-2015-5151, VIGILANCE-VUL-17177.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in WordPress Revslider.

An attacker can trigger a Cross Site Scripting via the parameter "client_action", in order to execute JavaScript code in the context of the web site. [severity:2/4; CVE-2015-5151]

An attacker can bypass security features of administration pages, in order to obtain sensitive information. [severity:1/4]

An attacker can traverse directories with the path specified in the "img" parameter, in order to read a file outside the root path. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1121 1141 1161 1181 1201 1221 1241 1261 1281 1301 1321 1341 1361 1381 1401 1421 1441 1461 1481 1501 1521 1541 1561 1581 1601 1611 1612 1613 1614 1615 1616 1617 1618 1619 1621 1623 1624 1625 1626 1627 1628 1629 1630 1631 1641 1661 1681 1701 1721 1741 1761 1781 1801 1821 1841 1861 1881 1901 1921 1941 1961 1981 2001 2021 2041 2061 2081 2101 2121 2141 2161 2181 2201 2221 2241 2261 2281 2301 2321 2341 2361 2381 2401 2421 2441 2461 2481 2501 2521 2541 2561 2581 2601 2621 2641 2661 2681 2701 2721 2741 2761 2781 2801 2821 2841 2861 2881 2901 2921 2927