Linux Vim and Neovim Modeline Arbitrary Command Execution Vulnerability

A critical command execution vulnerability has been discovered in the Vim and Neovim command-line text editing applications. Both applications come preinstalled on a majority of Linux-based operating systems. The vulnerability, tracked as CVE-2019-12735, can be exploited by tricking users into opening a specially crafted text file with the Vim or Neovim editor. This could allow …

Exim Remote Command Execution Vulnerability (CVE-2019-10149)

The Exim mail transfer agent (MTA) contains a vulnerability that can allow attackers to execute arbitrary commands reliably on a targeted system. This vulnerability was discovered by our own Qualys Security Research Team and has been named “The Return of the WIZard” as a reference to a couple of similar command execution vulnerabilities in …

Docker Arbitrary File Read/Write Access Vulnerability

A critical race condition vulnerability has been disclosed in Docker, tracked as CVE-2018-15664. The vulnerability affects all versions of Docker and resides in the FollowSymlinkInScope function, which is vulnerable to a time-of-check to time-of-use (TOCTOU) attack. Affected Versions: All Docker versions available till now. Vulnerability: From the bug, it appears …

Microsoft Remote Desktop Services (RDP) Remote Code Execution Vulnerability – CVE-2019-0708

Introduction: Microsoft has released fixes for a very high-risk vulnerability (CVE-2019-0708, aka BlueKeep) in this Patch Tuesday that impacts Windows XP, Windows 7, Server 2003, Server 2008, and Server 2008 R2. A critical remote code execution vulnerability exists in Microsoft Windows systems running Remote Desktop Protocol (RDP). Upon successful exploitation, an attacker can gain …

Oracle WebLogic Deserialization Remote Code Execution Vulnerability (CNVD-C-2019-48814/CVE-2019-2725)

Oracle WebLogic is an application server used for building and hosting Java EE applications. A highly critical remote code execution vulnerability has been discovered in Oracle WebLogic application servers running the WLS9_ASYNC and WLS-WSAT components. The vulnerability was initially disclosed by the China National Vulnerability Database under the tracker number CNVD-C-2019-48814. The vulnerability was later assigned to …

Microsoft Windows Win32k Privilege Escalation Vulnerability

Microsoft Windows is prone to a local privilege-escalation vulnerability. CVE-2019-0859 has been assigned to track this vulnerability. This privilege escalation vulnerability is being exploited in the wild. Vulnerability Details: The vulnerability exists when the Win32k component fails to properly handle objects in memory. An attacker can exploit this issue to execute arbitrary code in kernel mode, …

Microsoft Internet Explorer XML External Entity (XXE) Vulnerability – Zero Day

Overview: A security researcher has publicly disclosed the details of a zero-day vulnerability in Microsoft Internet Explorer 11. Internet Explorer is vulnerable to an XML External Entity attack if a user opens a specially crafted .MHT file. From techtarget.com, “MHT is a Web page archive file format. The archived Web page is an MHTML (short for …

ThinkPHP Remote Code Execution Vulnerability

Recently, ThinkPHP released an advisory for a high-risk remote code execution (RCE) vulnerability. The vulnerability exists because the ThinkPHP framework improperly checks controller names. This may lead to getshell vulnerabilities when forced routing is not enabled. A proof of concept (PoC) exploiting this vulnerability was also published soon after the advisory. The proof-of-concept code exploits a …

Apache Solr Config API Remote Code Execution Vulnerability (CVE-2019-0192)

Apache has recently fixed a Java deserialization vulnerability in Apache Solr. Apache Solr has a Config API which allows configuring Solr’s JMX server via an HTTP POST request. It’s possible to set up a malicious RMI server, have the Config API point to this malicious RMI server and trigger a remote code execution via Apache Solr’s unsafe …

Drupal Remote Code Execution Vulnerability (SA-CORE-2019-003)

Recently, Drupal released a patch for a critical remote code execution vulnerability (SA-CORE-2019-003), tracked as CVE-2019-6340. This vulnerability can be easily exploited by a remote attacker to execute arbitrary code on the targeted system when the RESTful Web Services module is enabled and the GET, POST or PATCH method request is allowed. This isn’t …