SUSE Studio Onsite vulnerabilities

22 known vulnerabilities affecting suse/studio_onsite.

Total CVEs: 22
CISA KEV: 2 (actively exploited)
Public exploits: 3
Exploited in wild: 2
Severity breakdown: CRITICAL 6, HIGH 7, MEDIUM 9

Vulnerabilities

Page 1 of 2
CVE-2017-14807 | HIGH | CVSS 8.1 | v1.3 | ≥ susestudio-ui-server, ≤ 1.3.17-56.6.3 | 2020-01-27
CVE-2017-14807 [HIGH] CWE-89: An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in Studio to alter SQL statements, allowing for extraction and modification of data. This issue affects: SUSE Studio onsite susestudio-ui-server version 1.3.17-
Sources: cvelistv5, nvd
CVE-2017-14806 | MEDIUM | CVSS 5.9 | v1.3 | ≥ susestudio-common, ≤ 1.3.17-56.6.3 | 2020-01-27
CVE-2017-14806 [LOW] CWE-295: An Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite susestudio-common version 1.3.17-56.6.3 and prior versions.
Sources: cvelistv5, nvd
CVE-2011-0467 | HIGH | CVSS 8.8 | fixed in 1.0.3-0.18.1 | 2018-06-07
CVE-2011-0467 [HIGH] CWE-89: A vulnerability in the listing of available software of SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. Affected releases are SUSE Studio Onsite: versions prior to 1.0.3-0.18.1, SUSE Studio Onsite 1.1 Appliance: versions prior to 1.1.2-0.25.1.
Source: nvd
CVE-2014-9846 | CRITICAL | CVSS 9.8 | v1.3 | 2017-03-20
CVE-2014-9846 [CRITICAL] CWE-119: Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.
Source: nvd
CVE-2014-9844 | MEDIUM | CVSS 5.5 | v1.3 | 2017-03-20
CVE-2014-9844 [MEDIUM] CWE-125: The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
Source: nvd
CVE-2014-9845 | MEDIUM | CVSS 5.5 | v1.3 | 2017-03-20
CVE-2014-9845 [MEDIUM] CWE-119: The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
Source: nvd
CVE-2016-2317 | MEDIUM | CVSS 5.5 | v1.3 | 2017-02-03
CVE-2016-2317 [MEDIUM] CWE-119: Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.
Source: nvd
CVE-2016-2318 | MEDIUM | CVSS 5.5 | v1.3 | 2017-02-03
CVE-2016-2318 [MEDIUM] CWE-476: GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.
Source: nvd
CVE-2015-8808 | MEDIUM | CVSS 5.5 | v1.3 | 2016-07-13
CVE-2015-8808 [MEDIUM] CWE-119: The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.
Source: nvd
CVE-2016-5118 | CRITICAL | CVSS 9.8 | v1.3 | 2016-06-10
CVE-2016-5118 [CRITICAL]: The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
Source: nvd
CVE-2016-0718 | CRITICAL | CVSS 9.8 | v1.3 | 2016-05-26
CVE-2016-0718 [CRITICAL] CWE-119: Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Source: nvd
CVE-2015-1283 | MEDIUM | CVSS 6.8 | v1.3 | 2015-07-23
CVE-2015-1283 [MEDIUM] CWE-190: Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.
Source: nvd
CVE-2014-7169 | CRITICAL | CVSS 9.8 | KEV | PoC | v1.3 | 2014-09-25
CVE-2014-7169 [CRITICAL]: GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgi
Source: nvd
CVE-2014-6271 | CRITICAL | CVSS 9.8 | KEV | PoC | v1.3 | 2014-09-24
CVE-2014-6271 [CRITICAL] CWE-78: GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts execute
Source: nvd
CVE-2011-4195 | HIGH | CVSS 7.5 | v1.2 | 2014-04-16
CVE-2011-4195 [HIGH]: kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in an image name.
Source: nvd
CVE-2011-4192 | HIGH | CVSS 7.5 | v1.2 | 2014-04-16
CVE-2011-4192 [HIGH]: kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."
Source: nvd
CVE-2011-3180 | HIGH | CVSS 7.5 | v1.2 | 2014-04-16
CVE-2011-3180 [HIGH]: kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown.
Source: nvd
CVE-2011-4193 | MEDIUM | CVSS 4.3 | v1.2 | 2014-04-16
CVE-2011-4193 [MEDIUM] CWE-79: Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted application, related to cloning.
Source: nvd
CVE-2013-3712 | CRITICAL | CVSS 10.0 | v1.3, v1.3.1, +4 more | 2014-02-26
CVE-2013-3712 [CRITICAL] CWE-310: SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors.
Source: nvd
CVE-2013-3709 | HIGH | CVSS 7.2 | v1.3 | 2013-12-23
CVE-2013-3709 [HIGH] CWE-264: WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users to gain privileges by reading the Rails secret token from this file.
Source: nvd