CVE-2013-0334
Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to install arbitrary gems by creating a gem with the same name as another gem in a different source. Date published...
Cross-site scripting (XSS) vulnerability in the Groups panel in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user...
Multiple cross-site scripting (XSS) vulnerabilities in Croogo before 2.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) data[Contact][title] parameter to admin/contacts/contacts/add page; (2) data[Block][title] or (3) data[Block][alias] parameter to...
The lazy_bdecode function in BitTorrent bootstrap-dht (aka Bootstrap) allows remote attackers to execute arbitrary code via a crafted packet, which triggers an out-of-bounds read, related to "Improper Indexing." Date published : 2014-10-31 http://www.securityfocus.com/bid/70812 https://github.com/bittorrent/bootstrap-dht/commit/bbc0b7191e3f48461ca6e5b1b34bdf4b3f1e79a9
Citrix XenMobile MDX Toolkit before 9.0.4, when used to wrap iOS 8 applications, does not properly encrypt cached application data, which allows context-dependent attackers to obtain sensitive information by reading the cache. Date published...
The default configuration in systemd-shim 8 enables the Abandon debugging clause, which allows local users to cause a denial of service via unspecified vectors. Date published : 2014-10-31 https://github.com/desrt/systemd-shim/commit/d2e91c118f6128875274a638007702d1cc665893 http://www.ubuntu.com/usn/USN-2392-1
The WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) $backup['filepath'] (aka "Path to Backup:" field) or (2) $backup['mysqldumppath'] variable....
The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state. Date published : 2014-10-31 https://bugs.launchpad.net/nova/+bug/1359138...
lib/functions/database.class.php in TestLink before 1.9.13 allows remote attackers to obtain sensitive information via unspecified vectors, which reveals the installation path in an error message. Date published : 2014-10-31 http://www.securityfocus.com/bid/70713 http://www.securityfocus.com/archive/1/533799/100/0/threaded
lib/execute/execSetResults.php in TestLink before 1.9.13 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the filter_result_result parameter. Date published : 2014-10-31 http://www.securityfocus.com/bid/70711 http://www.securityfocus.com/archive/1/533798/100/0/threaded
Cross-site scripting (XSS) vulnerability in EspoCRM before 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the desc parameter in an errors action to install/index.php. Date published : 2014-10-31 http://www.securityfocus.com/bid/70806 http://www.securityfocus.com/archive/1/533844/100/0/threaded
install/index.php in EspoCRM before 2.6.0 allows remote attackers to re-install the application via a 1 value in the installProcess parameter. Date published : 2014-10-31 http://www.securityfocus.com/bid/70811 http://www.securityfocus.com/archive/1/533844/100/0/threaded
Directory traversal vulnerability in EspoCRM before 2.6.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter to install/index.php. Date published : 2014-10-31 http://www.securityfocus.com/bid/70809 http://www.securityfocus.com/archive/1/533844/100/0/threaded
XML External Entity vulnerability in Enalean Tuleap 7.2 and earlier allows remote authenticated users to read arbitrary files via a crafted XML document in a create action to plugins/tracker/. Date published : 2014-10-31 http://www.securityfocus.com/bid/70771...