Adobe Releases October’s Security Updates Threat Alert

Overview: On October 13, 2020 (local time), Adobe released security updates that address a vulnerability in Adobe Flash Player. For details about the security bulletins and advisories, visit the following link: https://helpx.adobe.com/security.html

Yii2 Deserialization Remote Command Execution Vulnerability (CVE-2020-15148) Protection Solution

Overview: Recently, NSFOCUS detected that Yii Framework 2 disclosed a deserialization remote command execution vulnerability (CVE-2020-15148) in its update log published on September 14, 2020. By adding the __wakeup() function to the class yii\db\BatchQueryResult, Yii Framework 2 disables yii\db\BatchQueryResult deserialization and prevents remote command execution caused by an application calling 'unserialize()' on...

Linux Kernel Privilege Escalation Vulnerability (CVE-2020-14386) Threat Alert

Vulnerability Description: Recently, NSFOCUS detected a privilege escalation vulnerability in the Linux kernel (CVE-2020-14386). An integer overflow exists in the way net/packet/af_packet.c processes AF_PACKET, which leads to an out-of-bounds write and, in turn, privilege escalation. An attacker could exploit this vulnerability to gain system root privileges from unprivileged processes. This vulnerability may affect...

IBM Spectrum Protect Plus Directory Traversal and Arbitrary Code Execution Vulnerabilities (CVE-2020-4711, CVE-2020-4703) Threat Alert

Vulnerability Description: On September 15, 2020, NSFOCUS detected that IBM released a security bulletin, which fixed directory traversal and arbitrary code execution vulnerabilities (CVE-2020-4711, CVE-2020-4703) in IBM Spectrum Protect Plus Administrative Console. The directory traversal vulnerability (CVE-2020-4711) exists in a script (/opt/ECX/tools/scripts/restore_wrapper.sh) within Spectrum Protect Plus. An unauthenticated attacker could...

Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2020-16875) Handling Guide

Vulnerability Description: Recently, NSFOCUS detected that security personnel disclosed the procedure for exploiting the Microsoft Exchange Server remote code execution vulnerability (CVE-2020-16875) online. The vulnerability was made public by Microsoft in its September 2020 Security Updates. A remote code execution vulnerability exists in the way that Microsoft Exchange Server handles...
