Randombit Botan Library X509 Certificate Validation Bypass Vulnerability(CVE-2017-2801)
Summary A programming error exists in the way the Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons, which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in...
Moxa AWK-3131A Web Application systemlog.log Information Disclosure Vulnerability(CVE-2016-8725)
Summary An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. Retrieving a specific URL without authentication can reveal sensitive information to an attacker. Tested Versions Moxa AWK-3131...
Moxa AWK-3131A Web Application Nonce Reuse Vulnerability(CVE-2016-8712)
Summary An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds. Teste...
Moxa AWK-3131A Web Application Ping Command Injection Vulnerability(CVE-2016-8721)
Summary An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device...
HTTP OPTIONS method can leak Apache's server memory(CVE-2017-9798) (Optionsbleed)
If you're using the HTTP protocol in everyday Internet use you are usually only using two of its methods: GET and POST. However HTTP has a number of other methods, so I wondered what you can do with them and if there are any vulnerabilities. One HTTP method is called OPTIONS. It simply allows aski...
PowerISO ISO Parsing Use After Free(CVE-2017-2823)
Summary A use-after-free vulnerability exists in the .ISO parsing functionality of PowerISO 6.8. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can send a specific .ISO file to trigger this vulnerability. Tested Versions PowerISO 6.8 6, ...
AntennaHouse DMC HTMLFilter PPT ParseEnvironment Code Execution Vulnerability(CVE-2017-2797)
Summary An exploitable heap overflow vulnerability exists in the ParseEnvironment functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted PPT file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious PPT fil...
WolfSSL library X509 Certificate Text Parsing Code Execution Vulnerability(CVE-2017-2800)
Summary An exploitable off-by-one write vulnerability exists in the x509 certificate parsing functionality of wolfSSL library versions up to 3.10.2. A specially crafted x509 certificate can cause a single out of bounds byte overwrite resulting in potential certificate validation vulnerabilities,...
AntennaHouse DMC HTMLFilter Doc_GetFontTable Code Execution Vulnerability(CVE-2016-8383)
Summary An exploitable heap corruption vulnerability exists in the DocGetFontTable functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious doc file to trigger this...
AntennaHouse DMC HTMLFilter GetIndexArray Code Execution Vulnerability(CVE-2017-2798)
Summary An exploitable heap corruption vulnerability exists in the GetIndexArray functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide a malicious XLS...
AntennaHouse DMC HTMLFilter Txo Code Execution Vulnerability(CVE-2017-2795)
Summary An exploitable heap corruption vulnerability exists in the Txo functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS file to trigge...
AntennaHouse DMC HTMLFilter AddSst Code Execution Vulnerability(CVE-2017-2799)
Summary An exploitable heap corruption vulnerability exists in the AddSst functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide a malicious XLS file to...
PowerIso Parsing Code Execution Vulnerability(CVE-2017-2817)
Summary A stack buffer overflow vulnerability exists in the ISO parsing functionality of Power Software Ltd PowerISO. A specially crafted ISO file can cause a vulnerability resulting in potential code execution. An attacker can send a specific ISO file to trigger this vulnerability. Tested...
Artifex MuPDF JBIG2 Parser Code Execution Vulnerability(CVE-2016-8729)
Summary An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the...
AntennaHouse DMC HTMLFilter UnCompressUnicode Code Execution Vulnerability(CVE-2017-2793)
Summary An exploitable heap corruption vulnerability exists in the UnCompressUnicode functionality of AntennaHouse DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS fil...
MuPDF Fitz library font glyph scaling Code Execution Vulnerability(CVE-2016-8728)
Summary An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause an out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victi...
AntennaHouse DMC HTMLFilter Doc_SetSummary Code Execution Vulnerability(CVE-2016-8382)
Summary An exploitable heap corruption vulnerability exists in the DocSetSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send a malicious doc file to trigger this vulnerability...
Hancom Thinkfree NEO Hangul Word Processor HWPTAG_TAB_DEF Tab Count Code Execution Vulnerability(CVE-2017-2819)
Summary An exploitable heap-based buffer overflow exists in the Hangul Word Processor component version 9.6.1.4350 of Hancom Thinkfree Office NEO 9.6.1.4902. A specially crafted document stream can cause an integer underflow resulting in a buffer overflow which can lead to code execution under th...
Tablib Yaml Load Code Execution Vulnerability(CVE-2017-2810)
Summary An exploitable vulnerability exists in the Databook loading functionality of Tablib. A yaml loaded Databook can execute arbitrary python commands resulting in command execution. An attacker can insert python into loaded yaml to trigger this vulnerability. Tested Versions Tablib v0.11.4...
Foscam IP Video Camera CGIProxy.fcgi Change Username pureftpd.passwd Injection Vulnerability(CVE-2017-2850)
Summary An exploitable injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary characters in the pureftpd.passwd file during a username...
Foscam IP Video Camera CGIProxy.fcgi Message 0x3001 Multi-part Form Boundary Code Execution Vulnerability(CVE-2017-2830)
Summary An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply...
Foscam IP Video Camera CGIProxy.fcgi Query Append Buffer Overflow Vulnerability(CVE-2017-2831)
Summary An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply...
Foscam IP Video Camera CGIProxy.fcgi Account Password Command Injection Vulnerability(CVE-2017-2828)
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during a password change resultin...
Foscam IP Video Camera CGIProxy.fcgi NTP Server Configuration Command Injection Vulnerability(CVE-2017-2849)
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during NTP server configuration...
Foscam IP Video Camera CGIProxy.fcgi SMTP Test Sender Parameter Configuration Command Injection Vulnerability(CVE-2017-2844)
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting...
Foscam IP Video Camera CGIProxy.fcgi Account Creation Command Injection Vulnerability(CVE-2017-2827)
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during account creation resulting...
Foscam IP Video Camera CGIProxy.fcgi Account Deletion Command Injection Vulnerability(CVE-2017-2832)
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during a password change resultin...
Foscam IP Video Camera CGIProxy.fcgi Wifi Settings Code Execution Vulnerability(CVE-2017-2851)
Summary An exploitable stack-based buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data, potentially...
Foscam IP Video Camera CGIProxy.fcgi SMTP Test User Parameter Configuration Command Injection Vulnerability(CVE-2017-2842)
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting...
Foscam IP Video Camera CGIProxy.fcgi DNS1 Address Configuration Command Injection Vulnerability(CVE-2017-2847)
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configurati...
Foscam IP Video Camera CGIProxy.fcgi Gateway Address Configuration Command Injection Vulnerability(CVE-2017-2846)
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configurati...
Foscam IP Video Camera CGIProxy.fcgi DNS2 Address Configuration Command Injection Vulnerability(CVE-2017-2848)
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configurati...
Foscam IP Video Camera CGIProxy.fcgi Message 0x3001 Directory Traversal Vulnerability(CVE-2017-2829)
Summary An exploitable directory traversal vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause the application to read a file from disk but a failure to adequately filter...
Foscam IP Video Camera WebService CGI Parameter Code Execution Vulnerability(CVE-2017-2805)
Summary An exploitable stack-based buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera. A specially crafted http request can cause a stack-based buffer overflow resulting in overwriting arbitrary data on the stack frame. An attacker can simp...
Foscam C1 Webcam FTP Hard Coded Password Vulnerability(CVE-2016-8731)
Summary Hard-coded FTP credentials r:r are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device. Tested Versions Foscam C1 Firmware Version...
Microsoft Edge: ACG bypass using DuplicateHandle
ACG (Arbitrary Code Guard) in Microsoft Edge is bypassable. The bypass has been tested on Microsoft Edge 40.15063.0.0 running on Windows 10 Enterprise 64-bit with Creators Update Version 1703, OS build 15063.413. Background: To implement ACG...
Foscam IP Video Camera CGIProxy.fcgi SMTP Test Command Injection Vulnerability(CVE-2017-2845)
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SMTP configuration tes...
Foscam IP Video Camera CGIProxy.fcgi SMTP Test Host Parameter Configuration Command Injection Vulnerability(CVE-2017-2841)
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting...
Foscam IP Video Camera CGIProxy.fcgi SMTP Test Password Parameter Configuration Command Injection Vulnerability(CVE-2017-2843)
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting...
Enlarge your botnet with: top D-Link routers (DIR8xx D-Link routers cruisin' for a bruisin')
In this article, we are going to discuss vulnerabilities detected in the top D-Link routers: DIR890L DIR885L DIR895L and other DIR8xx D-Link routers cruising for a bruising. The devices use the same code, thus giving a magnificent and quite tempting opportunity to attackers to add them to a botne...
Foscam IP Video Camera CGIProxy.fcgi FTP Startup Configuration Command Injection Vulnerability(CVE-2017-2833)
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters resulting in command injection...
Invincea-X SboxDrv.sys Version Number Query Local Privilege Escalation Vulnerability(CVE-2016-9038)
Summary An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An attacker needs to execute a specia...
FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY
FireEye recently detected a malicious Microsoft Office RTF document that leveraged CVE-2017-8759, a SOAP WSDL parser code injection vulnerability. This vulnerability allows a malicious actor to inject arbitrary code during the parsing of SOAP WSDL definition contents. FireEye analyzed a Microsoft...
InsideSecure MatrixSSL x509 certificate General Names Information Disclosure Vulnerability(CVE-2017-2782)
Summary An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerability, a...
ProcessMaker Enterprise Core Multiple SQL Injection Vulnerabilities(CVE-2016-9048)
Summary Multiple exploitable SQL Injection vulnerabilities exist in ProcessMaker Enterprise Core 3.0.1.7-community. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability,...
Poppler PDF Image Display DCTStream::readScan() Code Execution Vulnerability(CVE-2017-2814)
Summary An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler-0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF...
InsideSecure MatrixSSL x509 certificate SubjectDomainPolicy Remote Code Execution Vulnerability(CVE-2017-2780)
Summary An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a...
Invincea Dell Protected Workspace Protection Bypass(CVE-2016-8732)
Summary Multiple security flaws exist in InvProtectDrv.sys which is a part of Invincea Dell Protected Workspace 5.1.1-22303. Weak restrictions on the driver communication channel and additional insufficient checks allow any application to turn off some of the protection mechanisms provided by the...
Iceni Infix PDF parsing SetSize Code Execution Vulnerability(CVE-2017-2863)
Summary An out-of-bounds write vulnerability exists in the PDF parsing functionality of Infix 7.1.5. A specially crafted PDF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific PDF file to trigger this vulnerability. Tested Versions...
Poppler PDF library JPEG 2000 levels Code Execution Vulnerability(CVE-2017-2820)
Summary An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code...