What is the severity of CVE-2014-1869?

CVE-2014-1869 has been assigned a moderate severity rating due to potential risks associated with its exploitation.

How do I fix CVE-2014-1869?

To remediate CVE-2014-1869, update Red Hat OpenShift to a version higher than 3.1 or apply patches as recommended by the vendor.

What software is affected by CVE-2014-1869?

CVE-2014-1869 affects multiple versions of Red Hat OpenShift and specific versions of ZeroClipboard including 1.0.5 through 1.3.1.

What are the impacts of exploiting CVE-2014-1869?

Exploiting CVE-2014-1869 could allow unauthorized access to sensitive data or functionality within affected applications.

Is there a workaround for CVE-2014-1869?

A temporary workaround for CVE-2014-1869 is to disable the affected components until a proper patch can be applied.

Vulnerability/
CVE-2014-1869

medium

4.3

CWE

8/2/2014

6/8/2024

CVE-2014-1869: XSS

First published: Sat Feb 08 2014(Updated: )

Common Vulnerabilities and Exposures assigned an identifier <a href="https://access.redhat.com/security/cve/CVE-2014-1869">CVE-2014-1869</a> to the following vulnerability: Name: <a href="https://access.redhat.com/security/cve/CVE-2014-1869">CVE-2014-1869</a> URL: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1869">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1869</a> Assigned: 20140206 Reference: <a href="https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca">https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca</a> Reference: <a href="https://github.com/zeroclipboard/zeroclipboard/pull/335">https://github.com/zeroclipboard/zeroclipboard/pull/335</a> Reference: <a href="https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2">https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2</a> Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web script or HTML via vectors related to certain SWF query parameters (aka loaderInfo.parameters).

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Red Hat OpenShift	<=3.1
ZeroClipboard	<=1.3.1
ZeroClipboard	=1.0.5
ZeroClipboard	=1.0.7
ZeroClipboard	=1.0.8
ZeroClipboard	=1.1.0
ZeroClipboard	=1.1.1
ZeroClipboard	=1.1.2
ZeroClipboard	=1.1.3
ZeroClipboard	=1.1.4
ZeroClipboard	=1.1.5
ZeroClipboard	=1.1.6
ZeroClipboard	=1.1.7
ZeroClipboard	=1.2.0
ZeroClipboard	=1.2.1
ZeroClipboard	=1.2.2
ZeroClipboard	=1.2.3
ZeroClipboard	=1.3.0

Remedy

https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-1869?
CVE-2014-1869 has been assigned a moderate severity rating due to potential risks associated with its exploitation.
How do I fix CVE-2014-1869?
To remediate CVE-2014-1869, update Red Hat OpenShift to a version higher than 3.1 or apply patches as recommended by the vendor.
What software is affected by CVE-2014-1869?
CVE-2014-1869 affects multiple versions of Red Hat OpenShift and specific versions of ZeroClipboard including 1.0.5 through 1.3.1.
What are the impacts of exploiting CVE-2014-1869?
Exploiting CVE-2014-1869 could allow unauthorized access to sensitive data or functionality within affected applications.
Is there a workaround for CVE-2014-1869?
A temporary workaround for CVE-2014-1869 is to disable the affected components until a proper patch can be applied.

agent/type
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2014-1869
agent/references
agent/severity
agent/remedy
agent/weakness
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/redhat
canonical/red hat openshift
version/red hat openshift/3.1
vendor/zeroclipboard project
canonical/zeroclipboard
version/zeroclipboard/1.3.1
version/zeroclipboard/1.0.5
version/zeroclipboard/1.0.7
version/zeroclipboard/1.0.8
version/zeroclipboard/1.1.0
version/zeroclipboard/1.1.1
version/zeroclipboard/1.1.2
version/zeroclipboard/1.1.3
version/zeroclipboard/1.1.4
version/zeroclipboard/1.1.5
version/zeroclipboard/1.1.6
version/zeroclipboard/1.1.7
version/zeroclipboard/1.2.0
version/zeroclipboard/1.2.1
version/zeroclipboard/1.2.2
version/zeroclipboard/1.2.3
version/zeroclipboard/1.3.0

Frequently Asked Questions

What is the severity of CVE-2014-1869?
CVE-2014-1869 has been assigned a moderate severity rating due to potential risks associated with its exploitation.
How do I fix CVE-2014-1869?
To remediate CVE-2014-1869, update Red Hat OpenShift to a version higher than 3.1 or apply patches as recommended by the vendor.
What software is affected by CVE-2014-1869?
CVE-2014-1869 affects multiple versions of Red Hat OpenShift and specific versions of ZeroClipboard including 1.0.5 through 1.3.1.
What are the impacts of exploiting CVE-2014-1869?
Exploiting CVE-2014-1869 could allow unauthorized access to sensitive data or functionality within affected applications.
Is there a workaround for CVE-2014-1869?
A temporary workaround for CVE-2014-1869 is to disable the affected components until a proper patch can be applied.

CVE-2014-1869: XSS

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-1869?

How do I fix CVE-2014-1869?

What software is affected by CVE-2014-1869?

What are the impacts of exploiting CVE-2014-1869?

Is there a workaround for CVE-2014-1869?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2014-1869?

How do I fix CVE-2014-1869?

What software is affected by CVE-2014-1869?

What are the impacts of exploiting CVE-2014-1869?

Is there a workaround for CVE-2014-1869?