Category Archives: Checkpoint

Checkpoint

WooCommerce Tax Rates Cross-Site Scripting

A cross-site scripting vulnerability exists in the WooCommerce WordPress plugin. This vulnerability is triggered when the WooCommerce tax rates setting incorrectly processes user-supplied data. A remote attacker may exploit this vulnerability by uploading a malicious .csv file into the application. The file then injects malicious code triggering the attack, thereby allowing the attacker to gain full control of the web server.

Memcached process_bin_update body_len Integer Overflow (CVE-2016-8705)

An integer overflow vulnerability exists in memcached. This vulnerability is due to an integer overflow in the process_bin_update() function while processing multiple commands and the body_len parameter of a Memcached binary protocol packet. A remote unauthenticated attacker can exploit these vulnerabilities by sending a specially crafted packet to memcached. This can lead to a buffer overflow and possible code execution in the context of the user. If code execution is unsuccessful, a denial of service condition may result.