EUVD-2017-17834

Malware in sbrugna...

EUVD-2017-17833

Malware in sbrugna...

AeroAdmin Man-in-the-Middle Attack Vulnerability

AeroAdmin is a free remote desktop software. The program is capable of encrypting the remote connection process, capable of remote file management. A security vulnerability exists in AeroAdmin version 4.1. An attacker can use this vulnerability to hijack updates and execute code on a device via a...

AeroAdmin Denial of Service Vulnerability

AeroAdmin is a free remote desktop software. The program is capable of encrypting the remote connection process, capable of remote file management. A security vulnerability exists in AeroAdmin version 4.1. An attacker can exploit this vulnerability to cause a buffer overflow and denial of service...

Buffer overflow

AeroAdmin 4.1 uses a function to copy data between two pointers where the size of the data copied is taken directly from a network packet. This can cause a buffer overflow and denial of service...

CVE-2017-8893

AeroAdmin 4.1 uses a function to copy data between two pointers where the size of the data copied is taken directly from a network packet. This can cause a buffer overflow and denial of service...

CVE-2017-8894

AeroAdmin 4.1 uses an insecure protocol HTTP to perform software updates. An attacker can hijack an update via man-in-the-middle in order to execute code in the machine...

CVE-2017-8894

AeroAdmin 4.1 uses an insecure protocol HTTP to perform software updates. An attacker can hijack an update via man-in-the-middle in order to execute code in the machine...

CVE-2017-8893

AeroAdmin 4.1 uses a function to copy data between two pointers where the size of the data copied is taken directly from a network packet. This can cause a buffer overflow and denial of service...

Design/Logic Flaw

AeroAdmin 4.1 uses an insecure protocol HTTP to perform software updates. An attacker can hijack an update via man-in-the-middle in order to execute code in the machine...

CVE-2017-8893

AeroAdmin 4.1 is affected by CVE-2017-8893 due to a function that copies data between two pointers with the size taken directly from a network packet, causing a buffer overflow that can lead to a denial of service. Multiple connected sources (NVD/CNVD/PRION/CVELIST entries) describe AeroAdmin 4.1...

CVE-2017-8893

AeroAdmin 4.1 uses a function to copy data between two pointers where the size of the data copied is taken directly from a network packet. This can cause a buffer overflow and denial of service...

CVE-2017-8894

AeroAdmin 4.1 uses an insecure protocol HTTP to perform software updates. An attacker can hijack an update via man-in-the-middle in order to execute code in the machine...

CVE-2017-8894

AeroAdmin 4.1 uses an insecure HTTP channel to perform software updates, enabling a man-in-the-middle to hijack an update and execute code on the machine. Connected sources confirm the HTTP update mechanism and MITM risk; no remediation or patch details are provided in the available documents.