This vulnerability affects Windows 7 and was published seven years ago. We decided to check if this is still a zero day and can still be exploited as Microsoft never acknowledged it. The following video demonstrates this attack on a fully patched Windows 7 SP1 system: As you can see, we setup a fully patched … Continue reading “Microsoft Windows DHCPv6 Packets Remote Denial of Service Vulnerability (Zero Day)”
VMware NSX SD-WAN Edge by VeloCloud Multiple Command Execution Vulnerabilities
Background: An unauthenticated, remote command execution vulnerability was discovered in the VMware NSX SD-WAN Edge by VeloCloud, tracked as CVE-2018-6961. Delivered as either a hardware appliance or virtual instance, NSX SD-WAN edges provide security connectivity to private, public, and hybrid applications, as well as compute and virtualized services. The vulnerabilities exist due to insufficient sanitization … Continue reading “VMware NSX SD-WAN Edge by VeloCloud Multiple Command Execution Vulnerabilities”
PhpMyAdmin Local File Inclusion Vulnerability (PMASA-2018-4)
phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the Web. A vulnerability has been discovered where an attacker can include (view and potentially execute) files on the server. CVE-2018-12613 has been assigned to track this vulnerability. The vulnerability affects phpMyAdmin 4.8.0 and 4.8.1. Upon successful exploitation … Continue reading “PhpMyAdmin Local File Inclusion Vulnerability (PMASA-2018-4)”
Intel LazyFP Vulnerability : CVE-2018-3665
An information disclosure vulnerability has been disclosed in Intel Microprocessors. Lazy restored FP states are susceptible to speculative execution cache side-channel attacks, A process can infer FPU registry (AVX, MMX and SSE) values of other processes. CVE-2018-3665 has been assigned to track this issue. It does not affect AMD processors. Intel has addressed this vulnerability in … Continue reading “Intel LazyFP Vulnerability : CVE-2018-3665”
Cortana Elevation of Privilege Vulnerability: CVE-2018-8140
An elevation of privilege vulnerability was discovered in Microsoft virtual assistant ‘Cortana’. The issue arises due to a behavior glitch in Cortana. Upon successful exploitation an attacker can gain elevated command execution. The attacker would need physical access to the target machine to perform the attack. Microsoft has addressed this vulnerability in patches released in … Continue reading “Cortana Elevation of Privilege Vulnerability: CVE-2018-8140”
JScript Error Object Use-After-Free Vulnerability : CVE-2018-8267
A zero-day vulnerability in the JScript has been disclosed to Microsoft. CVE-2018-8267 has been assigned to track this vulnerability. Microsoft has accepted the disclosure, the advisory addressing the issue has been released. It is a use-after-free vulnerability in Windows JScript, the vulnerability is due to improper handling of error objects by JScript. Upon successful exploitation an attacker can gain … Continue reading “JScript Error Object Use-After-Free Vulnerability : CVE-2018-8267”
Adobe Flash Player Stack Overflow Vulnerability: CVE-2018-5002
A stack overflow vulnerability was discovered in the Adobe’s Flash Player. CVE-2018-5002 has been assigned to track this vulnerability. The issue occurs due to improper execution of try-catch statement with a static initializer. It affects Adobe Flash Player 29.0.0.171 and earlier versions. Adobe has addressed this issue in APSB18-19 by releasing version 30.0.0.113. Microsoft has released ADV180014 … Continue reading “Adobe Flash Player Stack Overflow Vulnerability: CVE-2018-5002”
Adobe Acrobat Reader OCG Heap-based Buffer Overflow : CVE-2018-4910
A heap overflow vulnerability was discovered in Adobe Acrobat Pro DC. The issue occurs due to improper handling of OCG content. Upon successful exploitation an attacker can corrupt memory,control-flow hijack. CVE-2018-4910 has been assigned to track this vulnerability.The issue affects Adobe Acrobat Pro DC 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions Vulnerability … Continue reading “Adobe Acrobat Reader OCG Heap-based Buffer Overflow : CVE-2018-4910”
Git RCE Vulnerability : CVE-2018-11235
A remote code execution in Git has been discovered. CVE-2018-11235 has been assigned to track this vulnerability. Git 2.17.1 and Git for Windows 2.17.1 (2) address this vulnerability. Vulnerability submodule “names” from .gitmodule files are appended to $GIT_DIR/modules for on-disk repository paths. When we git clone a repository not all configuration files and hooks are received from … Continue reading “Git RCE Vulnerability : CVE-2018-11235”
IBM QRadar Authentication Bypass: CVE-2018-1418
Multiple vulnerabilities in IBM QRadar have been disclosed. Upon successful exploitation an attacker can bypass authentication and achieve remote code execution. CVE-2018-1418 has been assigned to track this vulnerability. IBM Qradar is an SIEM tool used to detect and analyze security anomalies. The issue affects QRadar SIEM 7.3.0 to 7.3.1 Patch 2 and 7.2.0 to 7.2.8 … Continue reading “IBM QRadar Authentication Bypass: CVE-2018-1418”
