8 matches found
CVE-2018-1000889
Logisim Evolution version 2.14.3 and earlier contains an XML External Entity XXE vulnerability in Circuit file loading functionality loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java that can result in information leak, possible RCE depending on system configuration. This attack appears t...
EUVD-2018-2064
Malware in sbrugna...
CVE-2018-1000889
Logisim Evolution version 2.14.3 and earlier contains an XML External Entity XXE vulnerability in Circuit file loading functionality loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java that can result in information leak, possible RCE depending on system configuration. This attack appears t...
CVE-2018-1000889
Logisim Evolution version 2.14.3 and earlier contains an XML External Entity XXE vulnerability in Circuit file loading functionality loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java that can result in information leak, possible RCE depending on system configuration. This attack appears t...
Xxe
Logisim Evolution version 2.14.3 and earlier contains an XML External Entity XXE vulnerability in Circuit file loading functionality loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java that can result in information leak, possible RCE depending on system configuration. This attack appears t...
Logisim Evolution XML External Entity Injection Vulnerability
Logisim Evolution is a tool for designing and simulating data logic circuits. An XML external entity injection vulnerability exists in the Circuit file loading feature in Logisim Evolution 2.14.3 and earlier versions, which can be exploited by an attacker to disclose information and potentially...
CVE-2018-1000889
Logisim Evolution version 2.14.3 and earlier contains an XML External Entity XXE vulnerability in Circuit file loading functionality loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java that can result in information leak, possible RCE depending on system configuration. This attack appears t...
CVE-2018-1000889
CVE-2018-1000889 affects Logisim Evolution versions 2.14.3 and earlier, due to an XML External Entity (XXE) vulnerability in the circuit file loading path (loadXmlFrom in XmlReader.java). The issue can lead to information disclosure and, depending on system configuration, potential remote code ex...