7 matches found
EUVD-2018-12861
Malware in sbrugna...
CVE-2018-20298
S3 Browser before 8.1.5 contains an XML external entity XXE vulnerability, allowing remote attackers to read arbitrary files and obtain NTLMv2 hash values by tricking a user into connecting to a malicious server via the S3 protocol...
Xxe
S3 Browser before 8.1.5 contains an XML external entity XXE vulnerability, allowing remote attackers to read arbitrary files and obtain NTLMv2 hash values by tricking a user into connecting to a malicious server via the S3 protocol...
CVE-2018-20298
S3 Browser before 8.1.5 contains an XML external entity XXE vulnerability, allowing remote attackers to read arbitrary files and obtain NTLMv2 hash values by tricking a user into connecting to a malicious server via the S3 protocol...
CVE-2018-20298
S3 Browser before 8.1.5 contains an XML external entity XXE vulnerability, allowing remote attackers to read arbitrary files and obtain NTLMv2 hash values by tricking a user into connecting to a malicious server via the S3 protocol...
CVE-2018-20298
CVE-2018-20298 concerns S3 Browser prior to 8.1.5 with an XML external entity (XXE) vulnerability in the S3 protocol. An attacker can lure a user to connect to a malicious server, causing the application to read local files and reveal NTLMv2 hashes via XML-based responses. Multiple connected sour...
PT-2018-34: XXE Injection in S3 Browser
The specialists of the Positive Research center have detected an XXE Injection vulnerability in S3 Browser. A vulnerability in the HTTP-based S3 protocol, due to server responses transmitted in XML format, allows remote attackers to read user files and obtain NTLMv2 hash values by tricking a user...