21 matches found
EUVD-2020-26936
Malware in sbrugna...
EUVD-2020-26935
Malware in sbrugna...
CVE-2020-5778
A flaw exists in Trading Technologies Messaging 7.1.28.3 ttmd.exe due to improper validation of user-supplied data when processing a type 8 message sent to default TCP RequestPort 10200. An unauthenticated, remote attacker can exploit this issue, via a specially crafted message, to terminate...
CVE-2020-5779
A flaw in Trading Technologies Messaging 7.1.28.3 ttmd.exe relates to invalid parameter handling when calling strcpys with an invalid parameter i.e., a long src string parameter as a part of processing a type 4 message sent to default TCP RequestPort 10200. It's been observed that ttmd.exe...
N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX
The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company, demonstrating a new level of sophistication with North Korean threat actors. Google-owned Mandiant, which is tracking the attack event under the moniker UNC4736 , said the...
CVE-2020-5779
A flaw in Trading Technologies Messaging 7.1.28.3 ttmd.exe relates to invalid parameter handling when calling strcpys with an invalid parameter i.e., a long src string parameter as a part of processing a type 4 message sent to default TCP RequestPort 10200. It's been observed that ttmd.exe...
CVE-2020-5778
A flaw exists in Trading Technologies Messaging 7.1.28.3 ttmd.exe due to improper validation of user-supplied data when processing a type 8 message sent to default TCP RequestPort 10200. An unauthenticated, remote attacker can exploit this issue, via a specially crafted message, to terminate...
CVE-2020-5778
A flaw exists in Trading Technologies Messaging 7.1.28.3 ttmd.exe due to improper validation of user-supplied data when processing a type 8 message sent to default TCP RequestPort 10200. An unauthenticated, remote attacker can exploit this issue, via a specially crafted message, to terminate...
CVE-2020-5779
A flaw in Trading Technologies Messaging 7.1.28.3 ttmd.exe relates to invalid parameter handling when calling strcpys with an invalid parameter i.e., a long src string parameter as a part of processing a type 4 message sent to default TCP RequestPort 10200. It's been observed that ttmd.exe...
Input validation
A flaw exists in Trading Technologies Messaging 7.1.28.3 ttmd.exe due to improper validation of user-supplied data when processing a type 8 message sent to default TCP RequestPort 10200. An unauthenticated, remote attacker can exploit this issue, via a specially crafted message, to terminate...
Design/Logic Flaw
A flaw in Trading Technologies Messaging 7.1.28.3 ttmd.exe relates to invalid parameter handling when calling strcpys with an invalid parameter i.e., a long src string parameter as a part of processing a type 4 message sent to default TCP RequestPort 10200. It's been observed that ttmd.exe...
CVE-2020-5779
A flaw in Trading Technologies Messaging 7.1.28.3 ttmd.exe relates to invalid parameter handling when calling strcpys with an invalid parameter i.e., a long src string parameter as a part of processing a type 4 message sent to default TCP RequestPort 10200. It's been observed that ttmd.exe...
CVE-2020-5779
Affected software: Trading Technologies Messaging 7.1.28.3 (ttmd.exe) Vulnerability detail: A flaw in invalid parameter handling when calling strcpy_s() with an invalid parameter (long src string) while processing a type 4 message sent to the default TCP port 10200, leading to ttmd.exe terminatio...
CVE-2020-5778
A flaw exists in Trading Technologies Messaging 7.1.28.3 ttmd.exe due to improper validation of user-supplied data when processing a type 8 message sent to default TCP RequestPort 10200. An unauthenticated, remote attacker can exploit this issue, via a specially crafted message, to terminate...
CVE-2020-5778
Trading Technologies Messaging 7.1.28.3 (ttmd.exe) is affected. The issue arises when processing a type 8 message sent to default TCP port 10200, due to improper validation of user-supplied data. An unauthenticated, remote attacker can exploit this to terminate ttmd.exe. The available documents p...
Trading Technologies Messaging (ttm_cmd) Detection
Binary data ttttmcmddetect.nbin...
Trading Technologies Messaging remove_park Stack Overflow
The Trading Technologies Messaging TTM running on the remote host is affected by a remote code execution vulnerability due to the lack of validation of user-supplied data prior to copying it to a fixed-length stack-based buffer when processing a removepark message. An unauthenticated, remote...
Trading Technologies X_TRADER remove_park Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trading Technologies XTRADER. Authentication is not required to exploit this vulnerability. The specific flaw exists within the messaging daemon. The issue results from the lack of proper validation ...
Trading Technologies X_TRADER unblock_proxy_site Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trading Technologies XTRADER. Authentication is not required to exploit this vulnerability. The specific flaw exists within the messaging daemon. The issue results from the lack of proper validation ...
Trading Technologies X_TRADER block_proxy_site Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trading Technologies XTRADER. Authentication is not required to exploit this vulnerability. The specific flaw exists within the messaging daemon. The issue results from the lack of proper validation ...