Vulnerability Description Recently, Linux's mail transfer agent Exim was reported to contain a remote code execution vulnerability (CVE-2019-15846). When the Exim server is accepting TLS connections, attackers could exploit this vulnerability to remotely execute arbitrary code with root privileges by sending an SNI ending in a backslash-null sequence. By default,...
Category: Emergency Response
Fastjson Remote Denial-of-Service Vulnerability Threat Alert
Vulnerability Description Recently, multiple versions of fastjson have been found to contain a remote denial-of-service (DoS) vulnerability. An attacker could exploit a flaw in the processing logic of fastjson to exhaust memory and CPU resources of the server via a maliciously crafted json string, leading to a denial of service....
Microsoft Released September Patches to Fix 81 Security Vulnerabilities Threat Alert
Overview  Microsoft released the Spetember 2019 security patch on Tuesday that fixes 81 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Core, .NET Framework, Active Directory, Adobe Flash Player, ASP.NET, Common Log File System Driver, Microsoft Browsers, Microsoft Edge, Microsoft Exchange Server, Microsoft...
Adobe Security Bulletins for September 2019 Security Updates Threat Alert
Overview On September 10, 2019, local time, Adobe officially released September's security updates to fix multiple vulnerabilities in its various products, including Adobe Application Manager and Adobe Flash Player. (more…)
Windows Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-0708) Exploit Disclosure Threat Alert
Exploit Disclosure In the early morning of September 7, Beijing time, a developer disclosed a Metasploit exploit module for the Windows remote desktop services remote code execution vulnerability (CVE-2019-0708) on GitHub. The initial public exploit module (BlueKeep) for the CVE-2019-0708 vulnerability could cause old versions of Windows (Windows 7 SP1...
Confluence Local File Disclosure Vulnerability (CVE-2019-3394) Handling Guide
Vulnerability Description Recently, Atlassian released a security advisory, announcing remediation of a local file disclosure vulnerability (CVE-2019-3394) in Confluence products. (more…)
