14 matches found
EUVD-2021-14512
Malware in sbrugna...
User SID is displayed in Workspace UI after sign-in through SAML authentication
In the use case of SAML using Azure AD and AD identities for Workspace authentication, when end user sign-in Citrix Workspace, Workspace UI just shows a Security Identifier SID, instead of the user’s display name...
CVE-2021-27771
User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal matter with the Sametime chat application, users hold a cookie containing their session ID SID. This value is also used when sending chat messages,...
Arbitrary file deletion
User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal matter with the Sametime chat application, users hold a cookie containing their session ID SID. This value is also used when sending chat messages,...
How to Configure User SID Enumeration in the XML Service
This article contains information about configuring the Citrix XML Service to perform enumeration of Security Identifiers SIDs for user accounts when using Single Sign-on SSO or smart card authentication to Web Interface 5.0. Background When using SSO or smart card authentication, access for user...
Update Rollup 8 for System Center 2016 Orchestrator
Update Rollup 8 for System Center 2016 Orchestrator Introduction This article describes the issues that are fixed in Update Rollup 8 for Microsoft System Center 2016 Orchestrator. This article also contains the installation instructions for this update. Issues that are fixed Runbook performing SQ...
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cross Process Handle Duplication Exploit
Exploit for windows platform in category local exploits Windows: LUAFV Delayed Virtualization Cross Process Handle Duplication EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The LUAFV...
CVE-2018-8754
The libevtrecordvaluesreadevent function in libevtrecordvalues.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub...
Out-of-bounds
DISPUTED The libevtrecordvaluesreadevent function in libevtrecordvalues.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub...
CVE-2018-8754
The libevtrecordvaluesreadevent function in libevtrecordvalues.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub...
CVE-2018-8754
The libevtrecordvaluesreadevent function in libevtrecordvalues.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub...
CVE-2018-8754
The libevtrecordvaluesreadevent function in libevtrecordvalues.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub...
CVE-2018-8754
The libevtrecordvaluesreadevent function in libevtrecordvalues.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub...
CVE-2018-8754
The libevtrecordvaluesreadevent function in libevtrecordvalues.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub...