Apache HertzBeat 1.8.0 Remote Command Execution

Apache HertzBeat version 1.8.0 suffers from a remote command execution vulnerability via the scriptCommand parameter in a monitoring template definition...

Microsoft Windows Media Player 11 ScriptCommand Multiple Information Disclosure Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/35335/info Microsoft Windows Media Player is prone to multiple information-disclosure vulnerabilities because it fails to properly restrict access to certain functionality when handling media files. An attacker can exploi...

Microsoft Windows Media Player ScriptCommand信息泄漏漏洞

Bugraq ID: 35335 Microsoft Windows Media Player是一款流行的媒体播放程序。 Microsoft Windows Media Player处理媒体文件时不正确限制对部分功能的访问，远程攻击者可以利用漏洞获得敏感信息。 构建恶意媒体文件，诱使用户处理，可导致： -劫持嵌入WMP对象的WEB页中的子帧。 -可导致本地媒体文件枚举。 -可用于扫描内网IP地址。 -获得目标操作系统版本，语言和CPU类型。 -触发隐秘的FTP连接到任意站点。 Microsoft Windows Media Player 11 目前没有解决方案提供：...

Microsoft Windows Media Player 11 - ScriptCommand Multiple Information Disclosure Vulnerabilities

Microsoft Windows Media Player 11 - ScriptCommand Multiple Information Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/35335/info Microsoft Windows Media Player is prone to multiple information-disclosure vulnerabilities because it fails to properly restrict access to certain...