U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

Bulletin (SB15-117)

Vulnerability Summary for the Week of April 20, 2015

Original release date: April 27, 2015

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
apport_project -- apportThe crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace (container).2015-04-177.2CVE-2015-1318
CONFIRM
CONFIRM
UBUNTU
cisco -- unified_meetingplaceUnrestricted file upload vulnerability in the Custom Prompts upload implementation in Cisco Unified MeetingPlace 8.6(1.9) allows remote authenticated users to execute arbitrary code by using the languageShortName parameter to upload a file that provides shell access, aka Bug ID CSCus95712.2015-04-209.0CVE-2015-0702
CISCO
google -- chromeUse-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/render_frame_impl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages during a detach operation.2015-04-197.5CVE-2015-1237
CONFIRM
CONFIRM
CONFIRM
google -- chromeSkia, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.2015-04-197.5CVE-2015-1238
CONFIRM
CONFIRM
google -- chromeThe ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that leverages "type confusion" in the check-elimination optimization.2015-04-197.5CVE-2015-1242
CONFIRM
CONFIRM
CONFIRM
CONFIRM
google -- chromeMultiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.2015-04-197.5CVE-2015-1249
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
google -- chromeMultiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.2015-04-197.5CVE-2015-3333
CONFIRM
google -- chromeThe NaClSandbox::InitializeLayerTwoSandbox function in components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc in Google Chrome before 42.0.2311.90 does not have RLIMIT_AS and RLIMIT_DATA limits for Native Client (aka NaCl) processes, which might make it easier for remote attackers to conduct row-hammer attacks or have unspecified other impact by leveraging the ability to run a crafted program in the NaCl sandbox.2015-04-197.5CVE-2015-3335
CONFIRM
CONFIRM
ibm -- dominoIBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 allows remote attackers to execute arbitrary code or cause a denial of service (integer truncation and application crash) via a crafted GIF image, aka SPR KLYH9T7NT9.2015-04-2110.0CVE-2015-0135
CONFIRM
kiegroup -- droolsXML external entity (XXE) vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file.2015-04-217.5CVE-2014-8125
CONFIRM
CONFIRM
CONFIRM
REDHAT
REDHAT
microsoft -- windows_7Unspecified vulnerability in Microsoft Windows before 8 allows local users to gain privileges via unknown vectors, as exploited in the wild in April 2015.2015-04-217.2CVE-2015-1701
MISC
MISC
new_atlanta -- blue_dragonDirectory traversal vulnerability in the CFChart servlet (com.naryx.tagfusion.cfm.cfchartServlet) in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbitrary files via a .. (dot dot) in the QUERY_STRING to cfchart.cfchart.2015-04-217.5CVE-2014-5370
MISC
FULLDISC
MISC
searchblox -- searchbloxUnrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 8.2 allows remote attackers to execute arbitrary code by uploading a file with an executable extension and the image/jpeg content type, a different vulnerability than CVE-2013-3590.2015-04-177.5CVE-2015-0968
CERT-VN
simple_ads_manager_project -- simple_ads_managerUnrestricted file upload vulnerability in sam-ajax-admin.php in the Simple Ads Manager plugin before 2.5.96 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the directory specified by the path parameter.2015-04-217.5CVE-2015-2825
CONFIRM
MISC
FULLDISC
MISC
sixapart -- movabletypeFormat string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro and Advanced 6.0.x before 6.0.8 allows remote attackers to execute arbitrary code via vectors related to localization of templates.2015-04-177.5CVE-2015-0845
CONFIRM
DEBIAN
tp-link -- tl-wrd741nd_(5.0)Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310 allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.2015-04-217.8CVE-2015-3035
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
BUGTRAQ
FULLDISC
MISC
wikiwiki_project -- wikiwikiSQL injection vulnerability in the WikiWiki module before 6.x-1.2 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.2015-04-217.5CVE-2015-3346
MISC
CONFIRM
MLIST
Back to top

Medium Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
alfresco -- alfrescoCross-site request forgery (CSRF) vulnerability in the Alfresco module before 6.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete an alfresco node via unspecified vectors.2015-04-215.8CVE-2015-3366
MISC
CONFIRM
MLIST
amazon_aws_project -- amazon_awsThe Amazon AWS module before 7.x-1.3 for Drupal uses the base URL and AWS access key to generate the access token, which makes it easier for remote attackers to guess the token value and create backups via a crafted URL.2015-04-215.0CVE-2015-3373
MISC
CONFIRM
MLIST
CONFIRM
apache -- tomcat_connectorsApache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified vectors.2015-04-215.0CVE-2014-8111
REDHAT
REDHAT
REDHAT
REDHAT
balanced -- commerce_balanced_paymentsCross-site request forgery (CSRF) vulnerability in the Commerce Balanced Payments module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete the user's configured bank accounts via unspecified vectors.2015-04-215.8CVE-2015-3388
MISC
MLIST
batch_jobs_project -- batch_jobsMultiple cross-site request forgery (CSRF) vulnerabilities in the Batch Jobs module before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of certain users for requests that (1) delete a batch job record or (2) execute a task via unspecified vectors.2015-04-216.8CVE-2015-3355
MISC
MISC
MLIST
certify_project -- certifyThe Certify module before 6.x-2.3 for Drupal does not properly perform node access checks, which allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF certificate information via vectors related to "showing (and creating) the PDF certificates."2015-04-224.0CVE-2015-3404
MISC
CONFIRM
MLIST
MLIST
cisco -- unified_meetingplaceCross-site scripting (XSS) vulnerability in the administrative web interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCus95857.2015-04-204.3CVE-2015-0703
CISCO
cisco -- unified_meetingplaceMultiple cross-site request forgery (CSRF) vulnerabilities in API features in Cisco Unified MeetingPlace 8.6(1.9) allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus95884.2015-04-216.8CVE-2015-0704
CISCO
cisco -- unified_meetingplaceCross-site request forgery (CSRF) vulnerability in the SOAP API endpoints of the web-services directory in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts, aka Bug ID CSCus97494.2015-04-216.8CVE-2015-0705
CISCO
cisco -- firesight_system_softwareOpen redirect vulnerability in Cisco FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6.0.0 in FireSIGHT Management Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted HTTP header, aka Bug IDs CSCut06060, CSCut06056, and CSCus98966.2015-04-225.8CVE-2015-0706
CISCO
cloudwords -- cloudwords_for_multilingualCross-site request forgery (CSRF) vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims via an unknown menu callback.2015-04-216.8CVE-2015-3347
MISC
CONFIRM
MLIST
corner_project -- _cornerMultiple cross-site request forgery (CSRF) vulnerabilities in the Corner module for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable or (2) disable corners via unspecified vectors.2015-04-215.8CVE-2015-3374
MISC
MLIST
dounokouno -- transmitmailCross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename.2015-04-234.3CVE-2015-0910
JVNDB
JVN
CONFIRM
dounokouno -- transmitmailDirectory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling.2015-04-235.0CVE-2015-0911
JVNDB
JVN
CONFIRM
fibonacciorange -- wedealOpen redirect vulnerability in the Commerce WeDeal module before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter.2015-04-215.8CVE-2015-3393
MISC
CONFIRM
XF
MLIST
funnymonkey -- feature_setMultiple cross-site request forgery (CSRF) vulnerabilities in the Feature Set module for Drupal allow remote attackers to hijack the authentication of administrator for requests that (1) enable or (2) disable a module via unspecified vectors.2015-04-215.8CVE-2015-3380
MISC
MLIST
google -- chromeThe ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element.2015-04-195.0CVE-2015-1235
CONFIRM
CONFIRM
CONFIRM
google -- chromeThe MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a crafted web site containing a media element.2015-04-194.3CVE-2015-1236
CONFIRM
CONFIRM
CONFIRM
google -- chromegpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebGL program that triggers a state inconsistency.2015-04-195.0CVE-2015-1240
CONFIRM
CONFIRM
CONFIRM
google -- chromeGoogle Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack.2015-04-194.3CVE-2015-1241
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
google -- chromeThe URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for WebSocket traffic.2015-04-195.0CVE-2015-1244
CONFIRM
CONFIRM
CONFIRM
google -- chromeUse-after-free vulnerability in the OpenPDFInReaderView::Update function in browser/ui/views/location_bar/open_pdf_in_reader_view.cc in Google Chrome before 41.0.2272.76 might allow user-assisted remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by triggering interaction with a PDFium "Open PDF in Reader" button that has an invalid tab association.2015-04-196.8CVE-2015-1245
CONFIRM
CONFIRM
CONFIRM
google -- chromeBlink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.2015-04-195.0CVE-2015-1246
CONFIRM
CONFIRM
google -- chromeThe SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/search_engines/search_engine_tab_helper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local files via a crafted (1) http or (2) https web site.2015-04-195.0CVE-2015-1247
CONFIRM
CONFIRM
CONFIRM
google -- chromeThe FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL.2015-04-194.3CVE-2015-1248
CONFIRM
CONFIRM
google -- chromebrowser/ui/website_settings/website_settings.cc in Google Chrome before 42.0.2311.90 does not always display "Media: Allowed by you" in a Permissions table after the user has granted camera permission to a web site, which might make it easier for user-assisted remote attackers to obtain sensitive video data from a device's physical environment via a crafted web site that turns on the camera at a time when the user believes that camera access is prohibited.2015-04-194.3CVE-2015-3334
CONFIRM
CONFIRM
google -- chromeGoogle Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENT_SETTINGS_TYPE_FULLSCREEN and CONTENT_SETTINGS_TYPE_MOUSELOCK changes, which allows user-assisted remote attackers to cause a denial of service (UI disruption) by constructing a crafted HTML document containing JavaScript code with requestFullScreen and requestPointerLock calls, and arranging for the user to access this document with a file: URL.2015-04-194.3CVE-2015-3336
CONFIRM
CONFIRM
htaccess_project -- htaccessMultiple cross-site request forgery (CSRF) vulnerabilities in the Htaccess module before 7.x-2.3 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) deploy or (2) delete an .htaccess file via unspecified vectors.2015-04-216.8CVE-2015-3349
MISC
CONFIRM
MLIST
ibm -- infosphere_biginsightsThe Big SQL component in IBM InfoSphere BigInsights 3.0 through 3.0.0.2 allows remote authenticated users to bypass intended HDFS data-access restrictions via (1) a crafted CREATE HADOOP TABLE statement referencing the data of an arbitrary user or (2) an import of a certain Hive table definition with the HCAT_SYNC_OBJECTS procedure.2015-04-226.5CVE-2015-1889
CONFIRM
insite -- node_basketMultiple cross-site request forgery (CSRF) vulnerabilities in the Node basket module for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add or (2) remove nodes from a basket via unspecified vectors.2015-04-215.8CVE-2015-3382
MISC
MLIST
insite -- node_basketOpen redirect vulnerability in the Node basket module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.2015-04-215.8CVE-2015-3383
MISC
MLIST
jammer_project -- jammerMultiple cross-site request forgery (CSRF) vulnerabilities in the Jammer module before 6.x-1.8 and 7.x-1.x before 7.x-1.4 for Drupal allow remote attackers to hijack the authentication of administrators for requests that delete a setting for (1) hidden form elements or (2) status messages via unspecified vectors, related to "report administration."2015-04-216.8CVE-2015-3352
MISC
CONFIRM
CONFIRM
MLIST
joshics -- contact_form_fieldsCross-site request forgery (CSRF) vulnerability in the Contact Form Fields module before 6.x-2.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete fields via unspecified vectors.2015-04-216.8CVE-2015-3363
MISC
CONFIRM
MLIST
landesk -- landesk_management_suiteMultiple cross-site request forgery (CSRF) vulnerabilities in Landesk Management Suite 9.6 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) start, (2) stop, or (3) restart services via a request to remote/serverServices.aspx.2015-04-216.8CVE-2014-5361
BUGTRAQ
MISC
levelteninteractive -- content_analysisCross-site scripting (XSS) vulnerability in the Content Analysis module before 6.x-1.7 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a log message.2015-04-214.3CVE-2015-3364
MISC
CONFIRM
MLIST
linux -- linux_kernelnet/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.2015-04-214.6CVE-2015-2041
CONFIRM
CONFIRM
MLIST
CONFIRM
linux -- linux_kernelnet/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.2015-04-214.6CVE-2015-2042
CONFIRM
CONFIRM
MLIST
CONFIRM
log_watcher_project -- log_watcherMultiple cross-site request forgery (CSRF) vulnerabilities in the Log Watcher module before 6.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable, (2) disable, or (3) delete a report via unspecified vectors.2015-04-216.8CVE-2015-3351
MISC
CONFIRM
MLIST
niif -- shibboleth_authentication_moduleCross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6.x-4.1 and 7.x-4.x before 7.x-4.1 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete user role matching rules via unspecified vectors.2015-04-215.8CVE-2015-3375
MISC
CONFIRM
CONFIRM
MLIST
node_invite_project -- node_inviteCross-site request forgery (CSRF) vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to hijack the authentication of users with the "node_invite_can_manage_invite" permission for requests that re-enable node invitations via unspecified vectors.2015-04-216.8CVE-2015-3370
MISC
CONFIRM
MLIST
node_invite_project -- node_inviteOpen redirect vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter.2015-04-215.8CVE-2015-3371
MISC
CONFIRM
MLIST
opac_project -- opacCross-site request forgery (CSRF) vulnerability in the OPAC module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims for requests that remove a mapping via unknown vectors.2015-04-216.8CVE-2015-3343
MISC
CONFIRM
MLIST
openstack -- keystonemiddlewareThe s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate, a different vulnerability than CVE-2014-7144.2015-04-174.3CVE-2015-1852
CONFIRM
MLIST
openstack -- swiftOpenStack Object Storage (Swift) before 2.3.0, when allow_version is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the x-versions-location container.2015-04-175.5CVE-2015-1856
CONFIRM
MLIST
path_breadcrumbs_project -- path_breadcrumbsThe Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtaining sensitive node titles by reading a 403 Not Found page.2015-04-215.0CVE-2015-3391
MISC
CONFIRM
XF
MLIST
patterns -- patternsMultiple cross-site request forgery (CSRF) vulnerabilities in the Patterns module before 7.x-2.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) restore, (2) publish, or (3) unpublish a pattern via unspecified vectors.2015-04-216.8CVE-2015-3367
MISC
CONFIRM
MLIST
phplist_integration_project -- phplist_integrationSQL injection vulnerability in the PHPlist Integration Module before 6.x-1.7 for Drupal allows remote administrators to execute arbitrary SQL commands via unspecified vectors, related to the "phpList database."2015-04-216.5CVE-2015-3345
MISC
CONFIRM
MLIST
qemu -- qemuThe (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions.2015-04-214.9CVE-2014-9718
MLIST
CONFIRM
searchblox -- searchbloxMultiple cross-site scripting (XSS) vulnerabilities in SearchBlox before 8.2 allow remote attackers to inject arbitrary web script or HTML via (1) the search field in plugin/index.html or (2) the title field in the Create Featured Result form in admin/main.jsp.2015-04-174.3CVE-2015-0967
CERT-VN
searchblox -- searchbloxSearchBlox before 8.2 allows remote attackers to obtain sensitive information via a pretty=true action to the _cluster/health URI.2015-04-175.0CVE-2015-0969
CERT-VN
searchblox -- searchbloxCross-site request forgery (CSRF) vulnerability in SearchBlox before 8.2 allows remote attackers to hijack the authentication of arbitrary users.2015-04-176.8CVE-2015-0970
CERT-VN
symantec -- workspace_streamingUnquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 before SP1 HF4, when AppMgrService.exe is configured as a service, allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.2015-04-226.9CVE-2015-1484
CONFIRM
BID
tadaa!_project -- tadaa!Multiple cross-site request forgery (CSRF) vulnerabilities in the Tadaa! module before 7.x-1.4 for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) enable or (2) disable modules or (3) change variables via unspecified vectors.2015-04-216.8CVE-2015-3356
CONFIRM
MISC
MLIST
tadaa!_project -- tadaa!Multiple open redirect vulnerabilities in the Tadaa! module before 7.x-1.4 for Drupal allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a destination parameter, related to callbacks that (1) enable and disable modules or (2) change variables.2015-04-215.8CVE-2015-3358
MISC
CONFIRM
MLIST
todo_filter_project -- todo_filterCross-site request forgery (CSRF) vulnerability in the Todo Filter module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that toggle a task via unspecified vectors.2015-04-216.8CVE-2015-3350
MISC
CONFIRM
CONFIRM
MLIST
ubercart_currency_conversion_project -- ubercart_currency_conversionOpen redirect vulnerability in the Ubercart Currency Conversion module before 6.x-1.2 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination query parameter.2015-04-215.8CVE-2015-3342
MISC
CONFIRM
BID
MLIST
views_project -- viewsOpen redirect vulnerability in the Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal, when the Views UI submodule is enabled, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via vectors related to the break lock page for edited views.2015-04-214.9CVE-2015-3378
MISC
CONFIRM
CONFIRM
CONFIRM
MLIST
views_project -- viewsThe Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to the default views configurations, which allows remote authenticated users to obtain sensitive information via unspecified vectors.2015-04-214.0CVE-2015-3379
MISC
CONFIRM
CONFIRM
CONFIRM
MLIST
wishlist_project -- wishlistCross-site request forgery (CSRF) vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete wishlist purchase intentions via unspecified vectors.2015-04-215.8CVE-2015-3354
MISC
CONFIRM
CONFIRM
MLIST
Back to top

Low Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
ajax_timeline_project -- ajax_timelineCross-site scripting (XSS) vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.2015-04-213.5CVE-2015-3392
MISC
CONFIRM
XF
MLIST
cisco -- firesight_system_softwareCross-site scripting (XSS) vulnerability in Cisco FireSIGHT System Software 5.3.1.1 and 6.0.0 in FireSIGHT Management Center allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCus85425.2015-04-223.5CVE-2015-0707
CISCO
cloudwords -- cloudwords_for_multilingualCross-site scripting (XSS) vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.2015-04-213.5CVE-2015-3348
MISC
CONFIRM
MLIST
commerce_balanced_payments_project -- commerce_balanced_paymentsCross-site scripting (XSS) vulnerability in the Bank Account Listing Page in the Commerce Balanced Payments module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.2015-04-213.5CVE-2015-3384
MISC
MLIST
dlc_solutions -- courseCross-site scripting (XSS) vulnerability in the Course module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.2015-04-213.5CVE-2015-3344
MISC
CONFIRM
CONFIRM
MLIST
facebook_album_fetcher_project -- facebook_album_fetcherCross-site scripting (XSS) vulnerability in the Facebook Album Fetcher module for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via unspecified vectors.2015-04-213.5CVE-2015-3390
MISC
XF
MLIST
field_display_label_project -- field_display_labelCross-site scripting (XSS) vulnerability in the Field Display Label module before 7.x-1.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the alternate field label in content types settings.2015-04-213.5CVE-2015-3353
MISC
CONFIRM
MLIST
insite -- node_basketCross-site scripting (XSS) vulnerability in the Node basket module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.2015-04-213.5CVE-2015-3381
MISC
MLIST
linkit_project -- linkitCross-site scripting (XSS) vulnerability in the Linkit module before 7.x-2.7 and 7.x-3.x before 7.x-3.3 for Drupal, when the node search plugin is enabled, allows remote authenticated users to inject arbitrary web script or HTML via a node title.2015-04-212.1CVE-2015-3361
MISC
CONFIRM
CONFIRM
MLIST
node_access_product_project -- node_access_productCross-site scripting (XSS) vulnerability in the Node Access Product module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.2015-04-213.5CVE-2015-3386
MISC
MLIST
node_invite_project -- node_inviteCross-site scripting (XSS) vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.2015-04-213.5CVE-2015-3372
MISC
CONFIRM
MLIST
nodeauthor_project -- nodeauthorCross-site scripting (XSS) vulnerability in the nodeauthor module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a Profile2 field in a provided block.2015-04-213.5CVE-2015-3365
MISC
MLIST
osinet -- classified_adsCross-site scripting (XSS) vulnerability in the administration user interface in the Classified Ads module before 6.x-3.1 and 7.x-3.x before 7.x-3.1 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via a category name.2015-04-213.5CVE-2015-3368
MISC
CONFIRM
CONFIRM
MLIST
public_download_count_project -- public_download_countCross-site scripting (XSS) vulnerability in the Download counts report page in the Public Download Count module (pubdlcnt) 7.x-1.x-dev and earlier for Drupal allows remote authnticated users to inject arbitrary web script or HTML via unspecified vectors.2015-04-213.5CVE-2015-3389
MISC
XF
MLIST
quizzler_project -- quizzlerCross-site scripting (XSS) vulnerability in the Quizzler module before 7-x.1.16 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.2015-04-213.5CVE-2015-3376
MISC
CONFIRM
MLIST
randall_library -- room_reservationsMultiple cross-site scripting (XSS) vulnerabilities in the Room Reservations module before 7.x-1.1 for Drupal allow remote authenticated users with the "Administer the room reservations system" permission to inject arbitrary web script or HTML via the (1) node title of a "Room Reservations Category" or (2) body of a "Room Reservations Room" node.2015-04-213.5CVE-2015-3359
MISC
CONFIRM
MLIST
redhat -- jboss_enterprise_application_platformThe default configuration for the Command Line Interface in Red Hat Enterprise Application Platform before 6.4.0 and WildFly (formerly JBoss Application Server) uses weak permissions for .jboss-cli-history, which allows local users to obtain sensitive information via unspecified vectors.2015-04-212.1CVE-2014-3586
CONFIRM
REDHAT
REDHAT
REDHAT
REDHAT
taxonews_project -- taxonewsCross-site scripting (XSS) vulnerability in the Taxonews module before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via a term name in a block.2015-04-213.5CVE-2015-3369
MISC
CONFIRM
CONFIRM
MLIST
taxonomy_path_project -- taxonomy_pathCross-site scripting (XSS) vulnerability in the Taxonomy Path module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the "Link to path" field formatter.2015-04-213.5CVE-2015-3385
MISC
CONFIRM
MLIST
taxonomy_tools_project -- taxonomy_toolsMultiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Tools module before 7.x-1.4 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via a (1) node or (2) taxonomy term title.2015-04-213.5CVE-2015-3387
MISC
CONFIRM
MLIST
term_merge_project -- term_mergeCross-site scripting (XSS) vulnerability in the Term Merge module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.2015-04-213.5CVE-2015-3360
MISC
CONFIRM
MLIST
video_project -- videoCross-site scripting (XSS) vulnerability in the Video module before 7.x-2.11 for Drupal, when using the video WYSIWYG plugin, allows remote authenticated users to inject arbitrary web script or HTML via a node title.2015-04-213.5CVE-2015-3362
MISC
CONFIRM
MLIST
wishlist_project -- wishlistCross-site scripting (XSS) vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote authenticated users with the "access wishlists" permission to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a log message.2015-04-213.5CVE-2015-3357
MISC
CONFIRM
CONFIRM
MLIST
Back to top

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top