11 matches found
EUVD-2019-0222
Malware in sbrugna...
GHSA-4V2C-G2XC-47FV Downloads Resources over HTTP in massif
Affected versions of massif insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system...
Downloads Resources over HTTP in massif
Affected versions of massif insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system...
massif code execution vulnerability (CNVD-2018-15161)
massif is a WebKit script written in JavaScript. A security vulnerability exists in massif, which originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting the response and replacing the requeste...
massif code execution vulnerability
massif is a WebKit script written in JavaScript. A security vulnerability exists in massif, which originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting the response and replacing the requeste...
CVE-2016-10682
massif is a Phantomjs fork massif downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between th...
CVE-2016-10682
massif is a Phantomjs fork massif downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between th...
Remote code execution
massif is a Phantomjs fork massif downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between th...
CVE-2016-10682
massif is a Phantomjs fork massif downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between th...
CVE-2016-10682
The CVE-2016-10682 issue affects massif, a PhantomJS fork, which downloads resources over HTTP. The underlying risk is a MITM could replace fetched resources with attacker-controlled binaries, potentially enabling remote code execution when the user retrieves those resources. Multiple sources des...
Downloads Resources over HTTP
Overview Affected versions of massif insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on th...