CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
8601 CVE-2013-1865 287 Bypass 2013-03-22 2013-11-30
6.8
None Remote Medium Not required Partial Partial Partial
OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token.
8602 CVE-2013-1863 264 2013-03-19 2013-03-21
6.0
None Remote Medium Single system Partial Partial Partial
Samba 4.x before 4.0.4, when configured as an Active Directory domain controller, uses world-writable permissions on non-default CIFS shares, which allows remote authenticated users to read, modify, create, or delete arbitrary files via standard filesystem operations.
8603 CVE-2013-1860 119 DoS Exec Code Overflow 2013-03-22 2016-12-07
6.9
None Local Medium Not required Complete Complete Complete
Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted cdc-wdm USB device.
8604 CVE-2013-1859 264 2013-03-27 2013-03-28
6.4
None Remote Low Not required Partial Partial None
The Node Parameter Control module 6.x-1.x for Drupal does not properly restrict access to the configuration options, which allows remote attackers to read and edit configuration options via unspecified vectors.
8605 CVE-2013-1850 94 Exec Code 2014-03-14 2014-03-25
6.5
None Remote Low Single system Partial Partial Partial
Multiple incomplete blacklist vulnerabilities in (1) import.php and (2) ajax/uploadimport.php in apps/contacts/ in ownCloud before 4.0.13 and 4.5.x before 4.5.8 allow remote authenticated users to execute arbitrary PHP code by uploading a .htaccess file.
8606 CVE-2013-1848 20 +Priv 2013-03-22 2014-02-06
6.2
None Local High Not required Complete Complete Complete
fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application.
8607 CVE-2013-1843 399 2013-03-20 2013-06-04
6.4
None Remote Low Not required Partial Partial None
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
8608 CVE-2013-1836 264 2013-03-25 2013-12-05
6.5
None Remote Low Single system Partial Partial Partial
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access.
8609 CVE-2013-1828 20 1 +Priv 2013-03-22 2013-11-30
6.9
None Local Medium Not required Complete Complete Complete
The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the Linux kernel before 3.8.4 does not validate a size value before proceeding to a copy_from_user operation, which allows local users to gain privileges via a crafted application that contains an SCTP_GET_ASSOC_STATS getsockopt system call.
8610 CVE-2013-1827 DoS +Priv 2013-03-22 2013-06-04
6.2
None Local High Not required Complete Complete Complete
net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for a certain (1) sender or (2) receiver getsockopt call.
8611 CVE-2013-1826 DoS +Priv 2013-03-22 2013-06-04
6.2
None Local High Not required Complete Complete Complete
The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability.
8612 CVE-2013-1806 22 Dir. Trav. 2014-04-30 2014-05-01
6.5
None Remote Low Single system Partial Partial Partial
Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files via the (2) enable parameter to administration/user_fields.php or (3) file parameter to administration/db_backup.php.
8613 CVE-2013-1798 20 DoS +Info 2013-03-22 2014-01-27
6.2
None Local Network High Not required Complete None Complete
The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory or cause a denial of service (host OS OOPS) via a crafted application.
8614 CVE-2013-1797 399 DoS Mem. Corr. 2013-03-22 2014-01-27
6.8
None Local Network High Not required Complete Complete Complete
Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.
8615 CVE-2013-1796 119 DoS Overflow Mem. Corr. 2013-03-22 2016-12-07
6.8
None Local Network High Not required Complete Complete Complete
The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow and host OS memory corruption) or possibly have unspecified other impact via a crafted application.
8616 CVE-2013-1794 119 DoS Exec Code Overflow 2013-03-13 2017-08-28
6.5
None Remote Low Single system Partial Partial Partial
Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver ACL entry.
8617 CVE-2013-1790 119 Overflow 2013-04-09 2014-01-27
6.8
None Remote Medium Not required Partial Partial Partial
poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.
8618 CVE-2013-1788 119 DoS Exec Code Overflow 2013-04-09 2014-01-27
6.8
None Remote Medium Not required Partial Partial Partial
poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc.
8619 CVE-2013-1775 264 Bypass 2013-03-05 2016-11-28
6.9
None Local Medium Not required Complete Complete Complete
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.
8620 CVE-2013-1773 119 1 DoS Overflow +Priv 2013-02-28 2016-12-07
6.2
None Local High Not required Complete Complete Complete
Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversion.
8621 CVE-2013-1767 399 DoS +Priv 2013-02-28 2013-08-22
6.2
None Local High Not required Complete Complete Complete
Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option.
8622 CVE-2013-1762 94 Exec Code Overflow 2013-03-08 2014-01-17
6.6
None Remote High Not required Partial Partial Complete
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.
8623 CVE-2013-1734 352 CSRF 2013-10-24 2013-10-24
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.
8624 CVE-2013-1733 352 CSRF 2013-10-24 2013-10-24
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a midair-collision token.
8625 CVE-2013-1731 20 Exec Code 2013-09-18 2013-10-02
6.8
None Remote Medium Not required Partial Partial Partial
Untrusted search path vulnerability in the GL tracing functionality in Mozilla Firefox before 24.0 on Android allows attackers to execute arbitrary code via a Trojan horse .so file in a world-writable directory.
8626 CVE-2013-1730 119 DoS Exec Code Overflow 2013-09-18 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site.
8627 CVE-2013-1726 264 +Priv 2013-09-18 2017-09-18
6.2
None Local High Not required Complete Complete Complete
Mozilla Updater in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 does not ensure exclusive access to a MAR file, which allows local users to gain privileges by creating a Trojan horse file after MAR signature verification but before MAR use.
8628 CVE-2013-1725 119 Exec Code Overflow 2013-09-18 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by leveraging incorrect scope handling.
8629 CVE-2013-1720 119 DoS Exec Code Overflow 2013-09-18 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state.
8630 CVE-2013-1715 +Priv 2013-08-06 2017-09-18
6.9
None Local Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in the (1) full installer and (2) stub installer in Mozilla Firefox before 23.0 on Windows allow local users to gain privileges via a Trojan horse DLL in the default downloads directory. NOTE: this issue exists because of an incomplete fix for CVE-2012-4206.
8631 CVE-2013-1712 +Priv 2013-08-06 2017-09-18
6.9
None Local Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 on Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 allow local users to gain privileges via a Trojan horse DLL in (1) the update directory or (2) the current working directory.
8632 CVE-2013-1673 264 +Priv 2013-05-16 2017-09-18
6.9
None Local Medium Not required Complete Complete Complete
The Mozilla Updater in Mozilla Firefox before 21.0 on Windows does not properly maintain Mozilla Maintenance Service registry entries in certain situations involving upgrades from older Firefox versions, which allows local users to gain privileges by leveraging write access to a "trusted path."
8633 CVE-2013-1672 264 +Priv Bypass 2013-05-16 2017-09-18
6.9
None Local Medium Not required Complete Complete Complete
The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions.
8634 CVE-2013-1662 264 +Priv 2013-08-23 2013-08-26
6.9
None Local Medium Not required Complete Complete Complete
vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsb_release binary in a directory in the PATH, related to use of the popen library function.
8635 CVE-2013-1639 352 Bypass CSRF 2013-02-08 2013-02-08
6.8
None Remote Medium Not required Partial Partial Partial
Opera before 12.13 does not send CORS preflight requests in all required cases, which allows remote attackers to bypass a CSRF protection mechanism via a crafted web site that triggers a CORS request.
8636 CVE-2013-1633 20 Exec Code 2013-08-05 2013-10-11
6.8
None Remote Medium Not required Partial Partial Partial
easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product.
8637 CVE-2013-1630 20 Exec Code 2013-08-05 2013-10-07
6.8
None Remote Medium Not required Partial Partial Partial
pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a download operation.
8638 CVE-2013-1629 20 Exec Code 2013-08-05 2013-09-24
6.8
None Remote Medium Not required Partial Partial Partial
pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation.
8639 CVE-2013-1610 +Priv 2013-08-05 2013-08-05
6.8
None Local Low Single system Complete Complete Complete
Unquoted Windows search path vulnerability in RDDService in Symantec PGP Desktop 10.0.x through 10.2.x and Symantec Encryption Desktop 10.3.0 before MP3 allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory.
8640 CVE-2013-1609 +Priv 2013-03-26 2013-03-27
6.8
None Local Low Single system Complete Complete Complete
Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program.
8641 CVE-2013-1608 22 Dir. Trav. 2013-03-26 2013-03-26
6.7
None Local Network Low Single system Complete Partial Partial
Directory traversal vulnerability in the Management Console on the Symantec NetBackup (NBU) appliance 2.0.x allows remote attackers to read arbitrary files via unspecified vectors.
8642 CVE-2013-1553 2013-04-17 2013-10-10
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.
8643 CVE-2013-1552 2013-04-17 2014-02-20
6.0
None Remote Medium Single system Partial Partial Partial
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
8644 CVE-2013-1551 2013-04-17 2013-10-10
6.0
None Remote Medium Single system Partial Partial Partial
Unspecified vulnerability in the Siebel Enterprise Application Integration component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Integration Business Services.
8645 CVE-2013-1531 2013-04-17 2014-02-20
6.0
None Remote Medium Single system Partial Partial Partial
Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Privileges.
8646 CVE-2013-1521 2013-04-17 2014-02-20
6.5
None Remote Low Single system Partial Partial Partial
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking.
8647 CVE-2013-1495 59 2013-03-18 2013-10-10
6.9
None Local Medium Not required Complete Complete Complete
asr in Oracle Auto Service Request in Oracle Support Tools before 4.3.2 allows local users to modify arbitrary files via a symlink attack on a predictable filename in /tmp.
8648 CVE-2013-1431 20 Bypass 2013-09-23 2016-11-08
6.8
None Remote Medium Not required Partial Partial Partial
The Wocky module in Telepathy Gabble before 0.16.6 and 0.17.x before 0.17.4, when connecting to a "legacy Jabber server," does not properly enforce the WockyConnector:tls-required flag, which allows remote attackers to bypass TLS verification and perform a man-in-the-middle attacks.
8649 CVE-2013-1428 119 DoS Exec Code Overflow 2013-04-26 2013-11-30
6.5
None Remote Low Single system Partial Partial Partial
Stack-based buffer overflow in the receive_tcppacket function in net_packet.c in tinc before 1.0.21 and 1.1 before 1.1pre7 allows remote authenticated peers to cause a denial of service (crash) or possibly execute arbitrary code via a large TCP packet.
8650 CVE-2013-1423 59 +Info 2013-03-13 2013-03-19
6.9
None Local Medium Not required Complete Complete Complete
(1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) deb-specific/fileforge.pl, (4) deb-specific/group_dump_update.pl, (5) deb-specific/ssh_dump_update.pl, (6) deb-specific/user_dump_update.pl, (7) plugins/scmbzr/common/BzrPlugin.class.php, (8) plugins/scmcvs/common/CVSPlugin.class.php, (9) plugins/scmcvs/cronjobs/cvs.php, (10) plugins/scmcvs/cronjobs/ssh_create.php, (11) plugins/scmgit/common/GitPlugin.class.php, (12) plugins/scmsvn/common/SVNPlugin.class.php, (13) plugins/wiki/cronjobs/create_groups.php, (14) utils/cvs1/cvscreate.sh, and (15) utils/include.pl in FusionForge 5.0, 5.1, and 5.2 allows local users to change arbitrary file permissions, obtain sensitive information, and have other unspecified impacts via a (1) symlink or (2) hard link attack on certain files.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.