7 matches found
EUVD-2019-0249
Malware in sbrugna...
EUVD-2019-0353
Malware in sbrugna...
Remote code execution
mystem-wrapper is a Yandex mystem app wrapper module. mystem-wrapper downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is ...
CVE-2016-10671
mystem-wrapper is a Yandex mystem app wrapper module. mystem-wrapper downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is ...
CVE-2016-10626
mystem3 is a NodeJS wrapper for the Yandex MyStem 3. mystem3 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the...
CVE-2016-10626
CVE-2016-10626 affects mystem3, a NodeJS wrapper for Yandex MyStem 3. The vulnerability arises because mystem3 downloads binary resources over HTTP, which enables a man‑in‑the‑middle (MitM) attacker to intercept the response and replace the binary with a malicious one. If the attacker sits betwee...
CVE-2016-10626
mystem3 is a NodeJS wrapper for the Yandex MyStem 3. mystem3 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the...