An out-of-bounds read vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to improper handling of JPEG2000 images, and could be used to gain sensitive information that may help in further attacks. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted webpage or PDF document.
Category Archives: Checkpoint
Checkpoint
FreePBX callmenum Remote Code Execution (CVE-2012-4869)
FreePBX is an open source software implementation of a telephone Private Branch eXchange (PBX). A code execution vulnerability exists in FreePBX software. Remote attacker can exploit this vulnerability to inject arbitrary PHP functions and commands.
Tuleap PHP Unserialize Code Execution (CVE-2014-8791)
This module exploits a PHP object injection vulnerability. Tuelap could be abused to allow authenticated users to execute arbitrary code with the permissions of the web server. This could lead to execute PHP code on the server.
Memcached process_bin_append_prepend Integer Overflow (CVE-2016-8704)
An integer overflow vulnerability exists in memcached. This vulnerability is due to a lack of bounds checking in the process_bin_append_prepend function while processing commands that append or prepend data to existing key-value pairs. A remote unauthenticated attacker can exploit these vulnerabilities by sending a specially crafted packet to memcached.
Microsoft SQL RDBMS Engine UNC Path Injection Privilege Escalation (MS16-136; CVE-2016-7250)
A privilege escalation vulnerability exists in Microsoft SQL Server. The vulnerability is due to the improper handling of a SQL query containing a UNC path. A remote, authenticated attacker can exploit the vulnerability by sending a crafted SQL request to the server. Successful exploitation could allow an attacker to gain the password hashes of the account used to run the server service.
Memcached process_bin_sasl_auth Integer Underflow (CVE-2016-8706)
An integer underflow vulnerability exists in the Memcached binary protocol. This vulnerability is due to a lack of bounds checking in the process_bin_sasl_auth function. A remote unauthenticated attacker can exploit these vulnerabilities by sending a specially crafted packet to memcached that can lead to a buffer overflow and possible code execution in the context of the user.
Trend Micro Virtual Mobile Infrastructure apns_worker.py Command Injection (CVE-2016-6270)
A remote command execution vulnerability exists in Trend Micro Smart Protection Server. The vulnerability is due to insufficient validation of user-supplied input. A remote, authenticated attacker could exploit this vulnerability by sending a crafted input to the vulnerable system that could lead to arbitrary command execution under the security context of system.
Trend Micro Control Manager Information Disclosure (CVE-2016-6220)
An XML external entity (XXE) processing vulnerability has been reported in Trend Micro Control Manager. The vulnerability is due to lack of validation of user-supplied input prior to executing an XML query. A remote, authenticated attacker could exploit this vulnerability by sending a malicious HTTP request to the target system.
WooCommerce Tax Rates Cross-Site Scripting
A cross-site scripting vulnerability exists in the WooCommerce WordPress plugin. This vulnerability is triggered when the WooCommerce tax rates setting incorrectly processes user-supplied data. A remote attacker may exploit this vulnerability by uploading a malicious .csv file into the application. The file then injects malicious code triggering the attack, thereby allowing the attacker to gain full control of the web server.
MikroTik RouterOS SNMP Security Bypass (CVE-2008-6976)
MikroTik RouterOS is prone to a security-bypass vulnerability because the software fails to sufficiently sanitize SNMP requests. Successfully exploiting this issue allows attackers to write to and change certain aspects of the Network Management System (NMS). This may aid in further attacks. Versions up to and including RouterOS 3.13 and 2.9.51 are vulnerable.