| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-4083 |
20 |
|
DoS |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
2 |
CVE-2013-4082 |
119 |
|
DoS Overflow |
2013-06-09 |
2013-06-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet. |
|
3 |
CVE-2013-4080 |
119 |
|
DoS Overflow |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet. |
|
4 |
CVE-2013-4079 |
119 |
|
DoS Overflow |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet. |
|
5 |
CVE-2013-4078 |
20 |
|
DoS |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
6 |
CVE-2013-4077 |
119 |
|
DoS Overflow |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c. |
|
7 |
CVE-2013-4076 |
119 |
|
DoS Overflow |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
8 |
CVE-2013-4075 |
399 |
|
DoS |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
9 |
CVE-2013-4074 |
189 |
|
DoS |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
10 |
CVE-2013-3954 |
20 |
|
DoS +Info |
2013-06-05 |
2013-06-06 |
5.4 |
None |
Local |
Medium |
Not required |
Partial |
None |
Complete |
|
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to (1) cause a denial of service (panic) via a size value that is inconsistent with a header count field, or (2) obtain sensitive information from kernel heap memory via a certain size value in conjunction with a crafted buffer. |
|
11 |
CVE-2013-3950 |
119 |
|
Overflow |
2013-06-05 |
2013-06-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1.x and 6.x through 6.1.3 makes it easier for attackers to conduct untethering attacks via a long string in the DYLD_SHARED_CACHE_DIR environment variable. |
|
12 |
CVE-2013-3735 |
20 |
|
DoS |
2013-05-31 |
2013-06-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
** DISPUTED ** The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted function definition, as demonstrated by an attack within a shared web-hosting environment. NOTE: the vendor's http://php.net/security-note.php page says "for critical security situations you should be using OS-level security by running multiple web servers each as their own user id." |
|
13 |
CVE-2013-3641 |
20 |
|
+Info |
2013-06-10 |
2013-06-11 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
The Pizza Hut Japan Official Order application before 1.1.1.a for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
|
14 |
CVE-2013-3575 |
20 |
|
|
2013-06-14 |
2013-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter. |
|
15 |
CVE-2013-3562 |
189 |
|
DoS |
2013-05-24 |
2013-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
16 |
CVE-2013-3560 |
134 |
|
DoS |
2013-05-24 |
2013-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
17 |
CVE-2013-3559 |
189 |
|
DoS Overflow Mem. Corr. |
2013-05-24 |
2013-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet. |
|
18 |
CVE-2013-3558 |
189 |
|
DoS |
2013-05-24 |
2013-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
19 |
CVE-2013-3557 |
119 |
|
DoS Overflow |
2013-05-24 |
2013-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
20 |
CVE-2013-3556 |
|
|
DoS |
2013-05-24 |
2013-05-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
21 |
CVE-2013-3555 |
20 |
|
DoS |
2013-05-24 |
2013-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
22 |
CVE-2013-3511 |
20 |
|
|
2013-05-08 |
2013-05-08 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Open redirect vulnerability in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. |
|
23 |
CVE-2013-3504 |
22 |
|
Dir. Trav. |
2013-05-08 |
2013-05-08 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
|
Directory traversal vulnerability in monarch.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to overwrite arbitrary files by leveraging access to the nagios account. |
|
24 |
CVE-2013-3381 |
399 |
|
DoS |
2013-06-11 |
2013-06-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco Hosted Collaboration Mediation allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed UDP packets on port 162, aka Bug ID CSCug85756. |
|
25 |
CVE-2013-3336 |
|
|
|
2013-05-09 |
2013-05-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files via unknown vectors. |
|
26 |
CVE-2013-3242 |
20 |
|
DoS |
2013-05-03 |
2013-05-03 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
|
plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated users to conduct PHP object injection attacks and cause a denial of service via unspecified vectors. |
|
27 |
CVE-2013-3210 |
200 |
|
+Info |
2013-04-19 |
2013-04-22 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the same top-level domain. |
|
28 |
CVE-2013-2981 |
22 |
|
Dir. Trav. |
2013-06-17 |
2013-06-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote attackers to read arbitrary files via unspecified vectors. |
|
29 |
CVE-2013-2959 |
255 |
|
+Info |
2013-05-27 |
2013-05-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Console in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 does not provide an encrypted session for transmitting login credentials, which allows remote attackers to obtain sensitive information by sniffing the network. |
|
30 |
CVE-2013-2954 |
287 |
|
|
2013-05-27 |
2013-05-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The login page in the Console in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 does not limit the number of incorrect authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. |
|
31 |
CVE-2013-2855 |
119 |
|
DoS Overflow Mem. Corr. |
2013-06-04 |
2013-06-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
|
32 |
CVE-2013-2848 |
200 |
|
XSS +Info |
2013-05-22 |
2013-06-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote attackers to obtain sensitive information via unspecified vectors. |
|
33 |
CVE-2013-2838 |
119 |
|
DoS Overflow |
2013-05-22 |
2013-06-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
|
34 |
CVE-2013-2835 |
264 |
|
Bypass |
2013-04-16 |
2013-04-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection mechanism via a crafted web site, a different vulnerability than CVE-2013-2834. |
|
35 |
CVE-2013-2834 |
264 |
|
Bypass |
2013-04-16 |
2013-04-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection mechanism via a crafted web site, a different vulnerability than CVE-2013-2835. |
|
36 |
CVE-2013-2832 |
119 |
|
Overflow +Info |
2013-04-16 |
2013-04-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Buffer::Set function in core/cross/buffer.cc in the O3D plug-in in Google Chrome OS before 26.0.1410.57 does not prevent uninitialized data from remaining in a buffer, which might allow remote attackers to obtain sensitive information via unspecified vectors. |
|
37 |
CVE-2013-2770 |
20 |
|
|
2013-04-07 |
2013-04-09 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server (OES) on Mac OS X does not verify the server's X.509 certificate during an SSL session, which allows man-in-the-middle attackers to spoof servers via an arbitrary certificate. |
|
38 |
CVE-2013-2767 |
|
|
Bypass |
2013-04-25 |
2013-05-02 |
5.4 |
None |
Remote |
High |
Not required |
Complete |
None |
None |
|
Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors. |
|
39 |
CVE-2013-2763 |
119 |
|
DoS Overflow |
2013-04-04 |
2013-04-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
** DISPUTED ** The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it "could not be duplicated" and "an attacker could not remotely exploit this observed behavior to deny PLC control functions." |
|
40 |
CVE-2013-2744 |
200 |
|
+Info |
2013-04-02 |
2013-04-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
importbuddy.php in the BackupBuddy plugin 2.2.25 for WordPress allows remote attackers to obtain configuration information via a step 0 phpinfo action, which calls the phpinfo function. |
|
41 |
CVE-2013-2737 |
200 |
|
+Info |
2013-05-16 |
2013-06-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to obtain sensitive information via unspecified vectors. |
|
42 |
CVE-2013-2716 |
310 |
|
|
2013-04-10 |
2013-04-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Puppet Labs Puppet Enterprise before 2.8.0 does not use a "randomized secret" in the CAS client config file (cas_client_config.yml) when upgrading from older 1.2.x or 2.0.x versions, which allows remote attackers to obtain console access via a crafted cookie. |
|
43 |
CVE-2013-2686 |
119 |
|
DoS Overflow |
2013-04-01 |
2013-04-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones does not properly restrict Content-Length values, which allows remote attackers to conduct stack-consumption attacks and cause a denial of service (daemon crash) via a crafted HTTP POST request. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-5976. |
|
44 |
CVE-2013-2640 |
264 |
|
XSS |
2013-03-22 |
2013-04-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
ajax.functions.php in the MailUp plugin before 1.3.2 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct cross-site scripting (XSS) attacks via unspecified vectors related to "formData=save" requests, a different version than CVE-2013-0731. |
|
45 |
CVE-2013-2633 |
20 |
|
+Info |
2013-03-21 |
2013-04-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of parameters. |
|
46 |
CVE-2013-2503 |
20 |
|
|
2013-03-11 |
2013-04-10 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code. |
|
47 |
CVE-2013-2438 |
|
|
|
2013-04-17 |
2013-06-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX. |
|
48 |
CVE-2013-2424 |
|
|
|
2013-04-17 |
2013-06-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality via vectors related to JMX. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient class access checks" when "creating new instances" using MBeanInstantiator. |
|
49 |
CVE-2013-2419 |
|
|
|
2013-04-17 |
2013-06-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine before 51.2. |
|
50 |
CVE-2013-2417 |
|
|
|
2013-04-17 |
2013-06-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to Networking. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an information leak involving InetAddress serialization. CVE has not investigated the apparent discrepancy between vendor reports regarding the impact of this issue. |
