Windows GDI Remote Code Execution(CVE-2020-0883)
Vulnerability overview: A remote code execution vulnerability exists in the Windows Graphics Device Interface (GDI). It occurs due to incorrect handling of objects in memory. Attackers can execute arbitrary commands on the targeted system. The Graphics Device Interface (GDI+) is a subsystem of the Windows operating system. It is used by various applications for displaying information …
Oracle Weblogic Insecure Deserialization with IIOP(CVE-2020-2551)
Overview: On January 14, 2020, Oracle disclosed the critical vulnerability CVE-2020-2551. The vulnerability was discovered in Oracle WebLogic Server, a component of Oracle Fusion Middleware, using the IIOP protocol. The flaw existed in the way WebLogic Server handled IIOP deserialization. It led to remote code execution over the IIOP protocol via a malicious JNDI lookup. Before looking into the vulnerability, …
ThinkPHP Remote Code Execution Vulnerability(CVE-2018-20062,CVE-2019-9082)
Vulnerability Overview: Over the last few months, a remote code execution bug in the Chinese open source framework ThinkPHP has been actively exploited by attackers to deliver a variety of malware. Poorly handled input is a leading cause behind the vulnerability. As a result, a remote attacker can send a crafted HTTP request to execute arbitrary …
Autodesk FBX-SDK multiple vulnerabilities (CVE-2020-7080,CVE-2020-7081,CVE-2020-7082,CVE-2020-7083,CVE-2020-7084,CVE-2020-7085)
Summary: Multiple vulnerabilities were observed in the software development kit (SDK) of Autodesk products. Applications and services that utilize the Autodesk FBX-SDK Ver. 2020.0 or earlier can be impacted by buffer overflow, type confusion, use-after-free, integer overflow, NULL pointer dereference, and heap overflow vulnerabilities. Description: These Autodesk vulnerabilities have a high severity, which if exploited, would …
XAMPP Arbitrary Code Execution Vulnerability [CVE-2020-11107]
Vulnerability Overview: A remote code execution vulnerability in XAMPP has recently been found. An unprivileged user can change a .exe configuration in xampp-control.ini for all users (including admins) to enable command execution. This can be carried out through the XAMPP control panel. What is XAMPP? XAMPP is a package containing the Apache WebServer, …
RubyGems typosquatting attack in Ruby Libraries
Overview: A recent investigation of Ruby packages discovered that over 760 malicious packages were uploaded to the official RubyGems repository, targeting Windows users. RubyGems is a package management framework for the Ruby programming language. The repository contains thousands of packages, also called gems. Each Ruby gem consists of code, documentation and a gem specification. Gems are formed of a …
Google Chrome use-after-free Vulnerability (CVE-2020-6457)
Summary: In the headlines today: amidst the global lockdown, in the same week in which Microsoft confirmed seven critical vulnerabilities for Windows 10 users, Google has confirmed what it refers to as a critical security vulnerability. Google has not disclosed more details on the vulnerability, but independent cyber-security experts have dug into the …
Apache ShardingSphere UI Remote Code Execution Vulnerability (CVE-2020-1947)
Summary: Recently, Apache ShardingSphere made the official release announcement of version 4.0.1. An authenticated attacker with default credentials can cause code execution by submitting a malicious YAML in the background management office. It is classified as CWE-269, impacting confidentiality, integrity, and availability. Description: SnakeYAML library for parsing YAML inputs to load datasource configuration in ShardingSphere’s web console of …
Oracle Solaris Local Privilege Escalation Vulnerability (CVE-2020-2944)
Summary: An unusual buffer overflow vulnerability that allows LPE was observed prior to April’s PT (patch-tuesday) in various Oracle Solaris platforms. The researcher has published a PoC publicly that was acclaimed by Oracle as well for CVE-2020-2944. Description: A buffer overflow in the _SanityCheck() function in the Common Desktop Environment version distributed with Oracle Solaris …
Oracle Coherence Remote Code Execution Vulnerability
Summary: Oracle Coherence is a product in Oracle Fusion Middleware that enables organizations to scale mission critical applications by providing them fast access to frequently used data. Oracle Coherence is prone to a remote code execution vulnerability. This issue was assigned CVE-2020-2555. Description: Oracle, in its advisory for the January critical updates, released a patch for …