Vulnerabilities Recorded for the Week of July 14, 2014 – By US-CERT

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by their research department for the Week of July 14, 2014.

The National Institute of Standards and Technology (NIST) has recorded these vulnerabilities, which are security weaknesses found in a program or operating system that can make a system susceptible to malware attacks.

Common vulnerabilities, and their impact, recorded in the NIST National Vulnerability Database (NVD) in the past week are:

  • A vulnerability in the Java SE component in Oracle Java SE 7u60 and OpenJDK 7 allows cyber-criminals to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. See the vulnerable versions here: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2483
  • Vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allow attackers to inject malicious web script or HTML via unspecified locations. See the vulnerable versions here: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4346
  • Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute arbitrary SQL commands, which can lead to unauthorized disclosure of information, unauthorized modification, and disruption of service. See the vulnerable versions here: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4977
  • A cross-site scripting (XSS) vulnerability in IBM Business Process Manager 7.5 through 8.5.5, and WebSphere Lombardi Edition 7.2, allows hackers to inject arbitrary web script or HTML via a crafted URL. See the vulnerable versions here: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0957

The bulletin lists many more vulnerable software products, ranked by high, medium, and low severity.

To learn more about these vulnerable software products and the affected versions, read the US-CERT Cyber Security Bulletin here: https://www.us-cert.gov/ncas/bulletins/SB14-202
