14 matches found
EUVD-2018-15798
Malware in sbrugna...
EUVD-2018-15801
Malware in sbrugna...
CVE-2018-4012
An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bchttpreadheader incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a remote BrightCloud serve...
CVE-2018-4012
CUJO Smart Firewall is affected by CVE-2018-4012 via the Webroot BrightCloud SDK. The vulnerable component is bc_http_read_header in the BrightCloud HTTP header parsing code, which can overflow a 0x2000-byte header buffer when reading overlong headers. An unauthenticated attacker could impersonat...
CVE-2018-4012
An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bchttpreadheader incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a remote BrightCloud serve...
Buffer overflow
An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bchttpreadheader incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a remote BrightCloud serve...
Webroot BrightCloud SDK Buffer Overflow Vulnerability
Webroot BrightCloud SDK is a set of SDKs Software Development Kits from Webroot, Inc. for detecting website security. A buffer overflow vulnerability exists in the HTTP header parsing function in the Webroot BrightCloud SDK, which stems from the 'bchttpreadheader' function failing to correctly...
Webroot BrightCloud SDK Information Disclosure Vulnerability
Webroot BrightCloud SDK is a set of SDKs Software Development Kits from Webroot, Inc. for detecting website security. A security vulnerability exists in the HTTP client functionality in the Webroot BrightCloud SDK, which stems from the client configuration failing to make a secure connection by...
CVE-2018-4015
An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. The configuration of the HTTP client does not enforce a secure connection by default, resulting in a failure to validate TLS certificates. An attacker could impersonate a remote BrightCloud server...
Design/Logic Flaw
An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. The configuration of the HTTP client does not enforce a secure connection by default, resulting in a failure to validate TLS certificates. An attacker could impersonate a remote BrightCloud server...
CVE-2018-4015
An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. The configuration of the HTTP client does not enforce a secure connection by default, resulting in a failure to validate TLS certificates. An attacker could impersonate a remote BrightCloud server...
CVE-2018-4015
CVE-2018-4015 affects the Webroot BrightCloud SDK used in CUJO Smart Firewall. The root cause is that the HTTP client defaults to HTTP and does not enforce secure TLS verification, enabling a man-in-the-middle to impersonate BrightCloud servers and potentially expose credentials, alter queries, o...
Webroot BrightCloud SDK HTTP headers-parsing code execution vulnerability
Summary An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bchttpreadheader incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a remote BrightClo...
Webroot BrightCloud SDK HTTP connection unsafe defaults vulnerability
Summary An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. The configuration of the HTTP client does not enforce a secure connection by default, resulting in a failure to validate TLS certificates. An attacker could impersonate a remote BrightClou...