13 matches found
EUVD-2018-10943
Malware in sbrugna...
CVE-2018-19233
COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file...
CVE-2018-19234
The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation...
CVE-2018-19233
COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file...
CVE-2018-19234
The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation...
Input validation
The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation...
Hardcoded credentials
COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file...
CVE-2018-19234
The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation...
CVE-2018-19233
COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file...
CVE-2018-19233
CVE-2018-19233 affects Miss Marple Enterprise Edition before 2.0. Local attackers can execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file. The vulnerability is due to hard-coded credentials (AES key) in the affected component;...
CVE-2018-19234
CVE-2018-19234 affects the Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition prior to version 2.0 . The root cause is missing update validation , enabling a remote attacker to execute arbitrary code with SYSTEM privileges . This vulnerability is documented across multiple sou...
Miss Marple Enterprise Edition Code Execution Vulnerability
Miss Marple Enterprise Edition is a suite of enterprise IT asset and license management programs. A security vulnerability in Miss Marple Enterprise Edition prior to version 2.0 exists because the program fails to detect updates. An attacker could exploit the vulnerability to execute arbitrary co...
Miss Marple Enterprise Edition File Upload / Hardcoded AES Key Vulnerability
Exploit for windows platform in category local exploits ======================================================================= title: Multiple critical vulnerabilities product: Miss Marple Enterprise Edition vulnerable version: 2.0 fixed version: 2.0 CVE number: CVE-2018-19233, CVE-2018-19234...