Monthly Archive: April 2014

A race condition in the wmi_malware_scan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp directory with a Trojan horse program....

SQL injection vulnerability in default.asp in CIS Manager CMS allows remote attackers to execute arbitrary SQL commands via the TroncoID parameter. Date published : 2014-04-11 http://www.securityfocus.com/bid/66590 http://www.exploit-db.com/exploits/32660

SQL injection vulnerability in OrbitScripts Orbit Open Ad Server before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the site_directory_sort_field parameter to guest/site_directory. Date published : 2014-04-11 http://www.securityfocus.com/bid/66667 http://www.securityfocus.com/archive/1/531781/100/0/threaded

Stack-based buffer overflow in a certain decryption function in qconnDoor on BlackBerry Z10 devices with software 10.1.0.2312, when developer-mode has been previously enabled, allows remote attackers to execute arbitrary code via a crafted packet...

Cross-site scripting (XSS) vulnerability in the Lazyest Gallery plugin before 1.1.21 for WordPress allows remote attackers to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these details are obtained...

Cisco ONS 15454 controller cards with software 10.0 and earlier allow remote attackers to cause a denial of service (card reload) via a crafted HTTP URI, aka Bug ID CSCun06870. Date published : 2014-04-11...

Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (card reset) via a TCP FIN attack that triggers file-descriptor exhaustion and a failure to...

Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (flash write outage) via a TCP FIN attack that triggers file-descriptor exhaustion, aka Bug ID...

Open redirect vulnerability in the redirect_back_or_default function in app/controllers/application_controller.rb in Redmine before 2.4.5 and 2.5.x before 2.5.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL...

Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename. Date published : 2014-04-11 http://jvn.jp/en/jp/JVN47386847/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2014-000035

VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate. Date published : 2014-04-11...

VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution of an...

Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet. Date published : 2014-04-11 http://www.securityfocus.com/bid/66709 https://www.exploit-db.com/exploits/42724/

The Modbus slave/outstation driver in the OPC Drivers 1.0.20 and earlier in IOServer OPC Server allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted packet. Date...