21 matches found
Acer M6E 安全漏洞
The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability, which stems from the legacy debugging module containing fixed credentials from the AWS Cognito test sandbox. This vulnerability could potentially lead to...
Sandbox Escape
Artemis Java Test Sandbox is vulnerable to Sandbox Escape. The vulnerability is caused due to missing checkLinkString override in the SecurityManager. This allows an attacker to load untrusted libraries and execute arbitrary Java code within the context of the application...
GHSA-HJ55-9JMV-9JRJ Duplicate Advisory: Sandbox escape in Artemis Java Test Sandbox
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-227w-wv4j-67h4. This link is maintained to preserve external references. Original Description Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class...
Duplicate Advisory: Sandbox escape in Artemis Java Test Sandbox
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-883x-6fch-6wjx. This link is maintained to preserve external references. Original Description Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a speci...
Duplicate Advisory: Sandbox escape in Artemis Java Test Sandbox
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-227w-wv4j-67h4. This link is maintained to preserve external references. Original Description Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class...
GHSA-C4PG-5GGH-VCPP Duplicate Advisory: Sandbox escape in Artemis Java Test Sandbox
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-98hq-4wmw-98w9. This link is maintained to preserve external references. Original Description Artemis Java Test Sandbox versions before 1.11.2 are vulnerable to a sandbox escape when an attacker loads untrusted...
CVE-2024-23682
Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code...
CVE-2024-23682
Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code...
CVE-2024-23683
Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code...
Code injection
Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code...
CVE-2024-23681 Artemis Java Test Sandbox Libary Load Escape
Artemis Java Test Sandbox versions before 1.11.2 are vulnerable to a sandbox escape when an attacker loads untrusted libraries using System.load or System.loadLibrary. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code...
CVE-2024-23681 Artemis Java Test Sandbox Libary Load Escape
Artemis Java Test Sandbox versions before 1.11.2 are vulnerable to a sandbox escape when an attacker loads untrusted libraries using System.load or System.loadLibrary. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code...
CVE-2024-23681
The CVE-2024-23681 issue affects Artemis Java Test Sandbox prior to version 1.11.2. A sandbox escape is possible when untrusted libraries are loaded via System.load or System.loadLibrary, enabling arbitrary Java execution in the victim’s sandboxed code. Root-cause references include missing Secur...
CVE-2024-23683
Affected product: Artemis Java Test Sandbox. Versions
CVE-2024-23683 Artemis Java Test Sandbox InvocationTargetException Subclass Escape
Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code...
CVE-2024-23682 Artemis Java Test Sandbox Class Loading Escape
Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code...
Artemis Java Test Sandbox Security Vulnerability
Artemis Java Test Sandbox is a JUnit 5 extension for easy and secure Artemis Java testing. A security vulnerability exists in Artemis Java Test Sandbox versions prior to 1.7.6. An attacker can exploit this vulnerability to execute arbitrary Java...
Arbitrary code execution in de.tum.in.ase:artemis-java-test-sandbox
Summary Because of the missing checkLinkString override in the SecurityManager, students can load libraries and execute arbitrary code. Details Using System.loadString or System.loadLibraryString students can load and execute arbitrary code. java private static native void startList args; public...
GHSA-98HQ-4WMW-98W9 Arbitrary code execution in de.tum.in.ase:artemis-java-test-sandbox
Summary Because of the missing checkLinkString override in the SecurityManager, students can load libraries and execute arbitrary code. Details Using System.loadString or System.loadLibraryString students can load and execute arbitrary code. java private static native void startList args; public...
PT-2023-32946 · Unknown · Artemis Java Test Sandbox
Name of the Vulnerable Software and Affected Versions: Artemis Java Test Sandbox versions prior to 1.11.2 Description: The issue allows an attacker to escape the sandbox by loading untrusted libraries using System.load or System.loadLibrary. This can lead to arbitrary Java code execution when a...