Cyber criminals constantly look for new ways to attack IT users: they seek out opportunities to exploit the technologies those users rely on and then profit from the information they steal.
The US-CERT Cyber Security Bulletin provides a summary of the latest vulnerabilities recorded by its research department for the week of February 23, 2015. The National Institute of Standards and Technology (NIST) has recorded vulnerabilities that can leave a system open to malware attacks and unauthorized access.
Some of the common vulnerabilities, and their impact, recorded in the past week by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) are listed below:
- SQL injection vulnerability in videogalleryrss.php in the Apptha WordPress Video Gallery (contus-video-gallery) plugin before 2.8 for WordPress allows remote attackers to execute arbitrary SQL commands via the vid parameter in an rss action to wp-admin/admin-ajax.php. Find out other vulnerable versions from here: https://1.usa.gov/1vSsHC9.
- Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox before 36.0, might allow remote attackers to trigger problematic Developer Console information or possibly have unspecified other impact by leveraging incorrect macro expansion, related to the ots::ots_gasp_parse function. Find out other vulnerable versions from here: https://1.usa.gov/1DJBKFw.
- Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data. Find out other vulnerable versions from here: https://1.usa.gov/1GaR29F.
- Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Find out other vulnerable versions from here: https://1.usa.gov/1CihxsB.
- SQL injection vulnerability in the ajax_survey function in settings.php in the WordPress Survey and Poll plugin 1.1.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the survey_id parameter in an ajax_survey action to wp-admin/admin-ajax.php. Find out other vulnerable versions from here: https://1.usa.gov/1AONTJs.
- Multiple cross-site request forgery (CSRF) vulnerabilities in the Acobot Live Chat & Contact Form plugin 2.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or (2) conduct cross-site scripting (XSS) attacks via the acobot_token parameter in the acobot page to wp-admin/options-general.php. Find out other vulnerable versions from here: https://1.usa.gov/1DJCpXD.
- Cross-site request forgery (CSRF) vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Find out other vulnerable versions from here: https://1.usa.gov/1F0Jpir.
- The GoogleAuthUtil.getToken method in the Google Play services SDK before 2015 sets parameters in OAuth token requests upon finding a corresponding _opt_ parameter in the Bundle extras argument, which allows attackers to bypass an intended consent dialog and retrieve tokens for arbitrary OAuth scopes including the SID and LSID scopes, and consequently obtain access to a Google account, via a crafted application, as demonstrated by setting the has_permission=1 parameter value upon finding _opt_has_permission in that argument. Find out other vulnerable versions from here: https://1.usa.gov/1FNvblh.
- The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to (1) execute arbitrary code by uploading crafted content to FileUploadServlet or (2) read arbitrary files via vectors involving FileDownloadServlet. Find out other vulnerable versions from here: https://1.usa.gov/1AvAaT9.
- Buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control in Samsung iPOLiS Device Manager 1.12.2 allows remote attackers to execute arbitrary code via a long string in the first argument to the (1) ReadConfigValue or (2) WriteConfigValue function. Find out other vulnerable versions from here: https://1.usa.gov/1AOR9EL.
- Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtain sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node. Find out other vulnerable versions from here: https://1.usa.gov/1E9QeQk.
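The two WordPress plugin entries above share one pattern: an admin-ajax action that drops a request parameter (vid, survey_id) straight into a SQL statement. The following is an added illustration, not code from either plugin, of what such a handler looks like in its vulnerable form and how a developer hardens it with a bound query and a nonce check (the latter also closes the CSRF class described for the Acobot plugin). The action name, table name and nonce name are assumptions for illustration.

```php
<?php
// Added example (not the plugin's code): a WordPress admin-ajax handler of the
// kind described in the bulletin, vulnerable form first, hardened form after.
// Action, table and nonce names are assumptions chosen for illustration.

// VULNERABLE (shown for contrast only; not registered): the attacker-controlled
// survey_id value is concatenated into the SQL string, so any caller of
// wp-admin/admin-ajax.php?action=ajax_survey controls the query text.
function survey_poll_ajax_vulnerable() {
    global $wpdb;
    $survey_id = $_POST['survey_id'];
    $sql  = "SELECT * FROM {$wpdb->prefix}survey_poll WHERE id = " . $survey_id;
    $rows = $wpdb->get_results( $sql );   // SQL injection sink
    wp_send_json( $rows );
}

// HARDENED: reject forged cross-site requests with a nonce, coerce the
// identifier to an integer, and bind it through $wpdb->prepare() so the
// parameter can never change the structure of the statement.
function survey_poll_ajax_hardened() {
    global $wpdb;

    // Fails with HTTP 403 unless the request carries a valid nonce created by
    // wp_create_nonce( 'survey_poll_nonce' ) in the 'nonce' field (CSRF check).
    check_ajax_referer( 'survey_poll_nonce', 'nonce' );

    // absint() yields a non-negative integer; 0 means "missing or not numeric".
    $survey_id = isset( $_POST['survey_id'] ) ? absint( $_POST['survey_id'] ) : 0;
    if ( 0 === $survey_id ) {
        wp_send_json_error( 'invalid survey_id', 400 );
    }

    // %d placeholder: the value is bound as an integer, never as SQL text.
    $sql  = $wpdb->prepare(
        "SELECT id, question FROM {$wpdb->prefix}survey_poll WHERE id = %d",
        $survey_id
    );
    $rows = $wpdb->get_results( $sql );
    wp_send_json_success( $rows );
}

// Only the hardened handler is registered. The nopriv hook is deliberately
// omitted: anonymous visitors should not reach this action at all.
add_action( 'wp_ajax_ajax_survey', 'survey_poll_ajax_hardened' );
```

The defender's check is the same in both plugin entries: any admin-ajax action that reads a request parameter must bind it with $wpdb->prepare() (or an equivalent) and verify a nonce before touching the database.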
The bulletin ranks many more such vulnerable software products by high, medium, and low severity. To learn more about these products and the affected versions, read the US-CERT Cyber Security Bulletin here: https://1.usa.gov/17K9hUO.