CVE-2014-0369CVE-2014-0369

Affected configuration(s):

cpe:/a:oracle:siebel_crm:8.1.1
cpe:/a:oracle:siebel_crm:8.2.2

Date published: 2014-01-15T11:08:06.720-05:00

Date last modified: 2016-11-18T22:02:35.753-05:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

Summary: Unspecified vulnerability in the Siebel Core – EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Java Integration, a different vulnerability than CVE-2015-0366.

CVE-2014-0367CVE-2014-0367

Affected configuration(s):

cpe:/a:oracle:hyperion:11.1.2.1
cpe:/a:oracle:hyperion:11.1.2.2
cpe:/a:oracle:hyperion:11.1.2.3

Date published: 2014-01-15T11:08:06.657-05:00

Date last modified: 2014-02-06T23:51:40.833-05:00

CVSS Score: 5.5

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

Summary: Unspecified vulnerability in the Hyperion Essbase Administration Services component in Oracle Hyperion 11.1.2.1, 11.1.2.2, and 11.1.2.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Admin Console.

CVE-2014-0617CVE-2014-0617

Affected configuration(s):

cpe:/h:juniper:srx100:-
cpe:/h:juniper:srx110:-
cpe:/h:juniper:srx1400:-
cpe:/h:juniper:srx210:-
cpe:/h:juniper:srx220:-
cpe:/h:juniper:srx240:-
cpe:/h:juniper:srx3400:-
cpe:/h:juniper:srx3600:-
cpe:/h:juniper:srx550:-
cpe:/h:juniper:srx5600:-
cpe:/h:juniper:srx5800:-
cpe:/h:juniper:srx650:-
cpe:/o:juniper:junos:10.4r
cpe:/o:juniper:junos:10.4s
cpe:/o:juniper:junos:11.4
cpe:/o:juniper:junos:12.1r

Date published: 2014-01-15T11:08:04.377-05:00

Date last modified: 2014-01-15T13:27:15.923-05:00

CVSS Score: 7.1

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10610

Summary: Juniper Junos 10.4S before 10.4S15, 10.4R before 10.4R16, 11.4 before 11.4R9, and 12.1R before 12.1R7 on SRX Series service gateways allows remote attackers to cause a denial of service (flowd crash) via a crafted IP packet.

CVE-2014-0613CVE-2014-0613

Affected configuration(s):

cpe:/o:juniper:junos:10.4
cpe:/o:juniper:junos:11.4
cpe:/o:juniper:junos:12.1r
cpe:/o:juniper:junos:12.1×44
cpe:/o:juniper:junos:12.1×45
cpe:/o:juniper:junos:12.1×46
cpe:/o:juniper:junos:12.2
cpe:/o:juniper:junos:12.3
cpe:/o:juniper:junos:13.1
cpe:/o:juniper:junos:13.2
cpe:/o:juniper:junos:13.3

Date published: 2014-01-15T11:08:04.157-05:00

Date last modified: 2014-01-15T13:11:02.323-05:00

CVSS Score: 7.1

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10607

Summary: The XNM command processor in Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R5, 13.1 before 13.1R3-S1, 13.2 before 13.2R2-S2, and 13.3 before 13.3R1, when xnm-ssl or xnm-clear-text is enabled, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

CVE-2014-0031CVE-2014-0031

Affected configuration(s):

cpe:/a:apache:cloudstack:2.0:-:community
cpe:/a:apache:cloudstack:2.0.1
cpe:/a:apache:cloudstack:2.1.0
cpe:/a:apache:cloudstack:2.1.1
cpe:/a:apache:cloudstack:2.1.2
cpe:/a:apache:cloudstack:2.1.3
cpe:/a:apache:cloudstack:2.1.4
cpe:/a:apache:cloudstack:2.1.5
cpe:/a:apache:cloudstack:2.1.6
cpe:/a:apache:cloudstack:2.1.7
cpe:/a:apache:cloudstack:2.1.8
cpe:/a:apache:cloudstack:2.1.9
cpe:/a:apache:cloudstack:2.1.10
cpe:/a:apache:cloudstack:2.2.0
cpe:/a:apache:cloudstack:2.2.1
cpe:/a:apache:cloudstack:2.2.2
cpe:/a:apache:cloudstack:2.2.3
cpe:/a:apache:cloudstack:2.2.5
cpe:/a:apache:cloudstack:2.2.6
cpe:/a:apache:cloudstack:2.2.7
cpe:/a:apache:cloudstack:2.2.8
cpe:/a:apache:cloudstack:2.2.9
cpe:/a:apache:cloudstack:2.2.11
cpe:/a:apache:cloudstack:2.2.12
cpe:/a:apache:cloudstack:2.2.13
cpe:/a:apache:cloudstack:2.2.14
cpe:/a:apache:cloudstack:3.0.0
cpe:/a:apache:cloudstack:3.0.1
cpe:/a:apache:cloudstack:3.0.2
cpe:/a:apache:cloudstack:4.0.0:incubating
cpe:/a:apache:cloudstack:4.0.1
cpe:/a:apache:cloudstack:4.0.2
cpe:/a:apache:cloudstack:4.1.0
cpe:/a:apache:cloudstack:4.1.1
cpe:/a:apache:cloudstack:4.2.0

Date published: 2014-01-15T11:08:04.093-05:00

Date last modified: 2014-02-25T07:38:36.640-05:00

CVSS Score: 4.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: https://blogs.apache.org/cloudstack/entry/cve_2014_0031_cloudstack_listnetworkacl

Summary: The (1) ListNetworkACL and (2) listNetworkACLLists APIs in Apache CloudStack before 4.2.1 allow remote authenticated users to list network ACLS for other users via a crafted request.

CVE-2014-0615CVE-2014-0615

Affected configuration(s):

cpe:/o:juniper:junos:10.4
cpe:/o:juniper:junos:11.4
cpe:/o:juniper:junos:12.1r
cpe:/o:juniper:junos:12.1×44
cpe:/o:juniper:junos:12.1×45
cpe:/o:juniper:junos:12.1×46
cpe:/o:juniper:junos:12.2
cpe:/o:juniper:junos:12.3
cpe:/o:juniper:junos:13.1
cpe:/o:juniper:junos:13.2
cpe:/o:juniper:junos:13.3

Date published: 2014-01-15T11:08:04.313-05:00

Date last modified: 2014-01-24T14:22:37.923-05:00

CVSS Score: 7.2

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10608

Summary: Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R5, 13.1 before 13.1R3-S1, 13.2 before 13.2R2, and 13.3 before 13.3R1 allows local users to gain privileges via vectors related to “certain combinations of Junos OS CLI commands and arguments.”

CVE-2014-0591CVE-2014-0591

Affected configuration(s):

cpe:/a:isc:bind:9.6-esv
cpe:/a:isc:bind:9.6-esv-r1
cpe:/a:isc:bind:9.6-esv-r2
cpe:/a:isc:bind:9.6-esv-r3
cpe:/a:isc:bind:9.6-esv-r4
cpe:/a:isc:bind:9.6-esv-r4-p1
cpe:/a:isc:bind:9.6-esv-r5
cpe:/a:isc:bind:9.6-esv-r5:p1
cpe:/a:isc:bind:9.6-esv-r5b1
cpe:/a:isc:bind:9.6-esv-r6
cpe:/a:isc:bind:9.6-esv-r6:b1
cpe:/a:isc:bind:9.6-esv-r6:rc1
cpe:/a:isc:bind:9.6-esv-r6:rc2
cpe:/a:isc:bind:9.6-esv-r7
cpe:/a:isc:bind:9.6-esv-r7:p1
cpe:/a:isc:bind:9.6-esv-r7:p2
cpe:/a:isc:bind:9.6-esv-r9
cpe:/a:isc:bind:9.6-esv-r9:p1
cpe:/a:isc:bind:9.6.0
cpe:/a:isc:bind:9.6.0:p1
cpe:/a:isc:bind:9.6.0:rc1
cpe:/a:isc:bind:9.6.0:rc2
cpe:/a:isc:bind:9.6.0a1
cpe:/a:isc:bind:9.6.0b1
cpe:/a:isc:bind:9.6.1
cpe:/a:isc:bind:9.6.1:p1
cpe:/a:isc:bind:9.6.1:p2
cpe:/a:isc:bind:9.6.1:p3
cpe:/a:isc:bind:9.6.1:rc1
cpe:/a:isc:bind:9.6.1b1
cpe:/a:isc:bind:9.6.2
cpe:/a:isc:bind:9.6.2:rc1
cpe:/a:isc:bind:9.6.2-p1
cpe:/a:isc:bind:9.6.2-p2
cpe:/a:isc:bind:9.6.2-p3
cpe:/a:isc:bind:9.6.2b1
cpe:/a:isc:bind:9.6.3
cpe:/a:isc:bind:9.6.3:rc1
cpe:/a:isc:bind:9.6.3b1
cpe:/a:isc:bind:9.7.0
cpe:/a:isc:bind:9.7.0:beta
cpe:/a:isc:bind:9.7.0:p1
cpe:/a:isc:bind:9.7.0:p2
cpe:/a:isc:bind:9.7.0:rc1
cpe:/a:isc:bind:9.7.0:rc2
cpe:/a:isc:bind:9.7.0a1
cpe:/a:isc:bind:9.7.0a2
cpe:/a:isc:bind:9.7.0a3
cpe:/a:isc:bind:9.7.0b1
cpe:/a:isc:bind:9.7.0b2
cpe:/a:isc:bind:9.7.0b3
cpe:/a:isc:bind:9.7.1
cpe:/a:isc:bind:9.7.1:p1
cpe:/a:isc:bind:9.7.1:p2
cpe:/a:isc:bind:9.7.1:rc1
cpe:/a:isc:bind:9.7.1b1
cpe:/a:isc:bind:9.7.2
cpe:/a:isc:bind:9.7.2:p1
cpe:/a:isc:bind:9.7.2:p2
cpe:/a:isc:bind:9.7.2:p3
cpe:/a:isc:bind:9.7.2:rc1
cpe:/a:isc:bind:9.7.3
cpe:/a:isc:bind:9.7.3:b1
cpe:/a:isc:bind:9.7.3:p1
cpe:/a:isc:bind:9.7.3:rc1
cpe:/a:isc:bind:9.7.4
cpe:/a:isc:bind:9.7.4:b1
cpe:/a:isc:bind:9.7.4:p1
cpe:/a:isc:bind:9.7.4:rc1
cpe:/a:isc:bind:9.7.4b1
cpe:/a:isc:bind:9.7.5
cpe:/a:isc:bind:9.7.5:b1
cpe:/a:isc:bind:9.7.5:rc1
cpe:/a:isc:bind:9.7.5:rc2
cpe:/a:isc:bind:9.7.6
cpe:/a:isc:bind:9.7.6:p1
cpe:/a:isc:bind:9.7.6:p2
cpe:/a:isc:bind:9.7.7
cpe:/a:isc:bind:9.8.0
cpe:/a:isc:bind:9.8.0:a1
cpe:/a:isc:bind:9.8.0:b1
cpe:/a:isc:bind:9.8.0:p1
cpe:/a:isc:bind:9.8.0:p2
cpe:/a:isc:bind:9.8.0:p4
cpe:/a:isc:bind:9.8.0:rc1
cpe:/a:isc:bind:9.8.1
cpe:/a:isc:bind:9.8.1:b1
cpe:/a:isc:bind:9.8.1:b2
cpe:/a:isc:bind:9.8.1:b3
cpe:/a:isc:bind:9.8.1:p1
cpe:/a:isc:bind:9.8.1:rc1
cpe:/a:isc:bind:9.8.2:b1
cpe:/a:isc:bind:9.8.2:rc1
cpe:/a:isc:bind:9.8.2:rc2
cpe:/a:isc:bind:9.8.3
cpe:/a:isc:bind:9.8.3:p1
cpe:/a:isc:bind:9.8.3:p2
cpe:/a:isc:bind:9.8.4
cpe:/a:isc:bind:9.8.5
cpe:/a:isc:bind:9.8.5:b1
cpe:/a:isc:bind:9.8.5:b2
cpe:/a:isc:bind:9.8.5:p1
cpe:/a:isc:bind:9.8.5:p2
cpe:/a:isc:bind:9.8.5:rc1
cpe:/a:isc:bind:9.8.5:rc2
cpe:/a:isc:bind:9.8.6
cpe:/a:isc:bind:9.8.6:b1
cpe:/a:isc:bind:9.8.6:p1
cpe:/a:isc:bind:9.8.6:rc1
cpe:/a:isc:bind:9.8.6:rc2
cpe:/a:isc:bind:9.9.4
cpe:/a:isc:bind:9.9.4:p1
cpe:/a:isc:bind:9.9.4:rc1
cpe:/a:isc:bind:9.9.4:rc2

Date published: 2014-01-13T23:29:56.953-05:00

Date last modified: 2017-01-06T21:59:33.140-05:00

CVSS Score: 2.6

Principal attack vector: NETWORK

Complexity:  HIGH

Reference URL: http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html

Summary: The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.

CVE-2014-0805CVE-2014-0805

Affected configuration(s):

cpe:/a:skyarts:neofiler:2.4.2:-:~-~lite~android~~
cpe:/a:skyarts:neofiler:5.4.3:-:~-~-~android~~
cpe:/a:skyarts:neofiler:5.4.3:-:~-~free~android~~

Date published: 2014-01-12T13:34:56.547-05:00

Date last modified: 2014-01-13T23:49:19.543-05:00

CVSS Score: 5.8

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://jvn.jp/en/jp/JVN85716574/index.html

Summary: Directory traversal vulnerability in the NeoFiler application 5.4.3 and earlier, NeoFiler Free application 5.4.3 and earlier, and NeoFiler Lite application 2.4.2 and earlier for Android allows attackers to overwrite or create arbitrary files via unspecified vectors.

CVE-2014-0804CVE-2014-0804

Affected configuration(s):

cpe:/a:cgene:security_file_manager:1.0.6:-:~-~pro~android~~
cpe:/a:cgene:security_file_manager:1.0.6:-:~-~trial~android~~

Date published: 2014-01-12T13:34:56.063-05:00

Date last modified: 2014-01-13T15:05:50.797-05:00

CVSS Score: 5.8

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://jvn.jp/en/jp/JVN44392991/index.html

Summary: Directory traversal vulnerability in the CGENE Security File Manager Pro application 1.0.6 and earlier, and Security File Manager Trial application 1.0.6 and earlier, for Android allows attackers to overwrite or create arbitrary files via unspecified vectors.

CVE-2014-0803CVE-2014-0803

Affected configuration(s):

cpe:/a:yuichiro_okuyama:tetra_filer:1.5.1:-:~-~-~android~~
cpe:/a:yuichiro_okuyama:tetra_filer:2.3.1:-:~-~-~android~~
cpe:/a:yuichiro_okuyama:tetra_filer_free:1.5.1:-:~-~-~android~~
cpe:/a:yuichiro_okuyama:tetra_filer_free:2.3.1:-:~-~-~android~~

Date published: 2014-01-12T13:34:56.033-05:00

Date last modified: 2014-01-13T14:47:08.617-05:00

CVSS Score: 5.8

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://jvn.jp/en/jp/JVN51285738/index.html

Summary: Directory traversal vulnerability in the tetra filer application 2.3.1 and earlier for Android 4.0.3, tetra filer free application 2.3.1 and earlier for Android 4.0.3, tetra filer application 1.5.1 and earlier for Android before 4.0.3, and tetra filer free application 1.5.1 and earlier for Android before 4.0.3 allows attackers to overwrite or create arbitrary files via unspecified vectors.