CVE-2014-1869: XSS
First published: Sat Feb 08 2014(Updated: )
Common Vulnerabilities and Exposures assigned an identifier <a href="https://access.redhat.com/security/cve/CVE-2014-1869">CVE-2014-1869</a> to the following vulnerability: Name: <a href="https://access.redhat.com/security/cve/CVE-2014-1869">CVE-2014-1869</a> URL: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1869">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1869</a> Assigned: 20140206 Reference: <a href="https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca">https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca</a> Reference: <a href="https://github.com/zeroclipboard/zeroclipboard/pull/335">https://github.com/zeroclipboard/zeroclipboard/pull/335</a> Reference: <a href="https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2">https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2</a> Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web script or HTML via vectors related to certain SWF query parameters (aka loaderInfo.parameters).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Openshift | <=3.1 | |
| Zeroclipboard Project Zeroclipboard | <=1.3.1 | |
| Zeroclipboard Project Zeroclipboard | =1.0.5 | |
| Zeroclipboard Project Zeroclipboard | =1.0.7 | |
| Zeroclipboard Project Zeroclipboard | =1.0.8 | |
| Zeroclipboard Project Zeroclipboard | =1.1.0 | |
| Zeroclipboard Project Zeroclipboard | =1.1.1 | |
| Zeroclipboard Project Zeroclipboard | =1.1.2 | |
| Zeroclipboard Project Zeroclipboard | =1.1.3 | |
| Zeroclipboard Project Zeroclipboard | =1.1.4 | |
| Zeroclipboard Project Zeroclipboard | =1.1.5 | |
| Zeroclipboard Project Zeroclipboard | =1.1.6 | |
| Zeroclipboard Project Zeroclipboard | =1.1.7 | |
| Zeroclipboard Project Zeroclipboard | =1.2.0 | |
| Zeroclipboard Project Zeroclipboard | =1.2.1 | |
| Zeroclipboard Project Zeroclipboard | =1.2.2 | |
| Zeroclipboard Project Zeroclipboard | =1.2.3 | |
| Zeroclipboard Project Zeroclipboard | =1.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/56821
- http://www.securityfocus.com/bid/65484
- https://access.redhat.com/errata/RHSA-2016:0070
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91085
- https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca
- https://github.com/zeroclipboard/zeroclipboard/pull/335
- https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2
- https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2014-1869
- agent/last-modified-date
- agent/references
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- agent/remedy
- agent/weakness
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/redhat
- canonical/redhat openshift
- version/redhat openshift/3.1
- vendor/zeroclipboard project
- canonical/zeroclipboard project zeroclipboard
- version/zeroclipboard project zeroclipboard/1.3.1
- version/zeroclipboard project zeroclipboard/1.0.5
- version/zeroclipboard project zeroclipboard/1.0.7
- version/zeroclipboard project zeroclipboard/1.0.8
- version/zeroclipboard project zeroclipboard/1.1.0
- version/zeroclipboard project zeroclipboard/1.1.1
- version/zeroclipboard project zeroclipboard/1.1.2
- version/zeroclipboard project zeroclipboard/1.1.3
- version/zeroclipboard project zeroclipboard/1.1.4
- version/zeroclipboard project zeroclipboard/1.1.5
- version/zeroclipboard project zeroclipboard/1.1.6
- version/zeroclipboard project zeroclipboard/1.1.7
- version/zeroclipboard project zeroclipboard/1.2.0
- version/zeroclipboard project zeroclipboard/1.2.1
- version/zeroclipboard project zeroclipboard/1.2.2
- version/zeroclipboard project zeroclipboard/1.2.3
- version/zeroclipboard project zeroclipboard/1.3.0