3 matches found
CVE-2019-10648
Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...
CVE-2019-10648
Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...
CVE-2019-10648
CVE-2019-10648 affects Robocode up to version 1.9.3.5. The root cause is a .openStream call in java.net.URL, which allows remote attackers to trigger external service interaction (DNS) by querying attacker‑controlled DNS zones. This can enable exfiltration or other DNS interactions when a vulnera...