Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.8, and Maximo Asset Management 7.1 through 7.1.1.8 and 7.2 for Tivoli IT Asset Management for IT and certain other products, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-0104, CVE-2015-0107, and CVE-2015-0109.
Monthly Archives: February 2015
CVE-2015-0109
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.8, and Maximo Asset Management 7.1 through 7.1.1.8 and 7.2 for Tivoli IT Asset Management for IT and certain other products, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-0104, CVE-2015-0107, and CVE-2015-0108.
CVE-2015-0617
Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices allow remote attackers to cause a denial of service (CPU consumption and SNMP outage) via malformed SNMP packets, aka Bug ID CSCur13393.
CVE-2015-0620
The XML parser in Cisco TelePresence Management Suite (TMS) 14.3(.2) and earlier does not properly handle external entities, which allows remote authenticated users to cause a denial of service via POST requests, aka Bug ID CSCus51494.
CVE-2015-0621
Cisco TelePresence MCU devices with software 4.5(1.45) allow remote attackers to cause a denial of service (device reload) via an unspecified series of TCP packets, aka Bug ID CSCur50347.
CVE-2015-1355
Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 uses a weak password-hash algorithm, which makes it easier for local users to determine cleartext passwords by reading a project file and conducting a brute-force attack.
CVE-2015-1356
Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user’s privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file.
CVE-2015-1358
The remote-management module in the (1) Multi Panels, (2) Comfort Panels, and (3) RT Advanced functionality in Siemens SIMATIC WinCC (TIA Portal) before 13 SP1 does not properly encrypt credentials in transit, which makes it easier for remote attackers to determine cleartext credentials by sniffing the network and conducting a decryption attack.
Fedora 21 Security Update: freetype-2.5.3-15.fc21
Resolved Bugs
1191078 – CVE-2014-9656 freetype: integer overflow in the tt_sbit_decoder_load_image function in sfnt/ttsbit.c
1191081 – CVE-2014-9659 freetype: stack-based buffer overflow in cff/cf2intrp.c in the CFF CharString interpreter
1191083 – CVE-2014-9661 freetype: use-after-free in type42/t42parse.c
1191085 – CVE-2014-9663 freetype: out-of-bounds read in the tt_cmap4_validate function in sfnt/ttcmap.c
1191087 – CVE-2014-9665 freetype: integer overflow and heap-based buffer overflow in the Load_SBit_Png function in sfnt/pngshim.c
1191090 – CVE-2014-9667 freetype: integer overflow and out-of-bounds read in sfnt/ttload.c
1191092 – CVE-2014-9669 freetype: Multiple integer overflows in sfnt/ttcmap.c
1191093 – CVE-2014-9670 freetype: Multiple integer signedness errors in the pcf_get_encodings function inpcf/pcfread.c
1191191 – CVE-2014-9674 freetype: integer overflow and heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c [fedora-all]
1191193 – CVE-2014-9675 freetype: bypass the ASLR protection mechanism via a crafted BDF font [fedora-all]
1191099 – CVE-2014-9656 CVE-2014-9657 CVE-2014-9661 CVE-2014-9660 CVE-2014-9667 CVE-2014-9666 CVE-2014-9665 CVE-2014-9664 CVE-2014-9669 CVE-2014-9668 CVE-2014-9662 CVE-2014-9658 CVE-2014-9659 CVE-2014-9663 CVE-2014-9670 freetype: various flaws [fedora-all]
1191079 – CVE-2014-9657 freetype: DoS in the tt_face_load_hdmx function in truetype/ttpload.c
1191080 – CVE-2014-9658 freetype: DoS in the tt_face_load_kern function in sfnt/ttkern.c
1191082 – CVE-2014-9660 freetype: NULL pointer dereference in the _bdf_parse_glyphs function in bdf/bdflib.c
1191084 – CVE-2014-9662 freetype: heap-based buffer overflow in cff/cf2ft.c
1191086 – CVE-2014-9664 freetype: out-of-bounds read via a crafted Type42 font
1191089 – CVE-2014-9666 freetype: integer overflow and out-of-bounds read in the tt_sbit_decoder_init function in sfnt/ttsbit.c
1191091 – CVE-2014-9668 freetype: integer overflow and heap-based buffer overflow in the woff_open_font function in sfnt/sfobjs.c
1191190 – CVE-2014-9674 freetype: integer overflow and heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c
1191192 – CVE-2014-9675 freetype: bypass the ASLR protection mechanism via a crafted BDF font<br
This update fixes several security issues.
Fedora 20 Security Update: freetype-2.5.0-9.fc20
Resolved Bugs
1191191 – CVE-2014-9674 freetype: integer overflow and heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c [fedora-all]
1191192 – CVE-2014-9675 freetype: bypass the ASLR protection mechanism via a crafted BDF font
1191099 – CVE-2014-9656 CVE-2014-9657 CVE-2014-9661 CVE-2014-9660 CVE-2014-9667 CVE-2014-9666 CVE-2014-9665 CVE-2014-9664 CVE-2014-9669 CVE-2014-9668 CVE-2014-9662 CVE-2014-9658 CVE-2014-9659 CVE-2014-9663 CVE-2014-9670 freetype: various flaws [fedora-all]
1191078 – CVE-2014-9656 freetype: integer overflow in the tt_sbit_decoder_load_image function in sfnt/ttsbit.c
1191079 – CVE-2014-9657 freetype: DoS in the tt_face_load_hdmx function in truetype/ttpload.c
1191080 – CVE-2014-9658 freetype: DoS in the tt_face_load_kern function in sfnt/ttkern.c
1191081 – CVE-2014-9659 freetype: stack-based buffer overflow in cff/cf2intrp.c in the CFF CharString interpreter
1191082 – CVE-2014-9660 freetype: NULL pointer dereference in the _bdf_parse_glyphs function in bdf/bdflib.c
1191083 – CVE-2014-9661 freetype: use-after-free in type42/t42parse.c
1191084 – CVE-2014-9662 freetype: heap-based buffer overflow in cff/cf2ft.c
1191085 – CVE-2014-9663 freetype: out-of-bounds read in the tt_cmap4_validate function in sfnt/ttcmap.c
1191086 – CVE-2014-9664 freetype: out-of-bounds read via a crafted Type42 font
1191087 – CVE-2014-9665 freetype: integer overflow and heap-based buffer overflow in the Load_SBit_Png function in sfnt/pngshim.c
1191089 – CVE-2014-9666 freetype: integer overflow and out-of-bounds read in the tt_sbit_decoder_init function in sfnt/ttsbit.c
1191090 – CVE-2014-9667 freetype: integer overflow and out-of-bounds read in sfnt/ttload.c
1191091 – CVE-2014-9668 freetype: integer overflow and heap-based buffer overflow in the woff_open_font function in sfnt/sfobjs.c
1191092 – CVE-2014-9669 freetype: Multiple integer overflows in sfnt/ttcmap.c
1191093 – CVE-2014-9670 freetype: Multiple integer signedness errors in the pcf_get_encodings function inpcf/pcfread.c
1191190 – CVE-2014-9674 freetype: integer overflow and heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c
1191193 – CVE-2014-9675 freetype: bypass the ASLR protection mechanism via a crafted BDF font [fedora-all]<br
This update fixes several security issues.