Emergency Response Archives - Page 82 of 89

Adobe Security Advisory for February 2019 Security Updates

By NSFOCUSPosted February 19, 2019

Overview On February 12, local time, Adobe officially released security bulletins and advisories to announce security updates to patch multiple vulnerabilities in such products as Adobe Flash Player, Adobe Creative Cloud Desktop Application, ColdFusion, and Adobe Acrobat and Reader. (more…)

Critical runC Container Escape Vulnerability (CVE-2019-5736) Threat Alert

By NSFOCUSPosted February 18, 2019

Overview RUNC is a CLI tool for spawning and running containers according to the Open Container Initiative (OCI) specification. As the core of the Docker, runC can be called for creating, running, and destructing containers. (more…)

Padlock on digital privacy-related text background.

APT/APT-GET RCE Vulnerability (CVE-2019-3462) Handling Guide

By NSFOCUSPosted January 30, 2019

1 Vulnerability Overview Recently, a security researcher discovered a critical vulnerability in the Advanced Packaging Tool (APT) of Linux. This vulnerability stems from the APT's failure to properly handle redirects, which can be triggered via a man-in-the-middle attack or a malicious package mirror, resulting in remote code execution. (more…)

Detective with magnifying glass and hat.

Linux apt/apt-get Remote Code Execution (RCE) Vulnerability (CVE-2019-3462) Threat Alert

By NSFOCUSPosted January 28, 2019

Overview On January 22, 2019, local time, security researcher Max Justicz announced his discovery of a remote code execution (RCE) vulnerability in Linux apt/apt-get. This vulnerability stems from the APT's failure to properly handle certain parameters involved in HTTP redirects. It can be triggered via a man-in-the-middle attack or a...

Oracle January 2019 Critical Patch Update Security Advisory for All Product Families

By NSFOCUSPosted January 22, 2019

Overview On January 15, 2019, local time, Oracle released its own security advisory and third-party security advisories for its January 2019 Critical Patch Update (CPU) which fix 284 vulnerabilities of varying severity levels across the product families. For details about affected products and available patches, see the appendix. (more…)

ThinkPHP 5.0-5.0.23, 5.1.0-5.1.31, and 5.2.* Remote Code Execution Vulnerability Handling Guide

By NSFOCUSPosted January 21, 2019

1 Vulnerability Overview Recently, ThinkPHP 5.0-5.0.23 was found to have a remote code execution (RCE) vulnerability. The NSFOCUS Falcon Team carried out tests and found that ThinkPHP 5.0-5.0.23, 5.1.0-5.1.31, and 5.2.* were also prone to this vulnerability, which could be triggered in both Linux and Windows systems. (more…)

Category: Emergency Response

Adobe Security Advisory for February 2019 Security Updates

Critical runC Container Escape Vulnerability (CVE-2019-5736) Threat Alert

APT/APT-GET RCE Vulnerability (CVE-2019-3462) Handling Guide

Linux apt/apt-get Remote Code Execution (RCE) Vulnerability (CVE-2019-3462) Threat Alert

Oracle January 2019 Critical Patch Update Security Advisory for All Product Families

ThinkPHP 5.0-5.0.23, 5.1.0-5.1.31, and 5.2.* Remote Code Execution Vulnerability Handling Guide

CLOUD-DELIVERED SERVICES

PRODUCTS

SOLUTIONS

SUPPORT & SERVICES

RESOURCES

NEWS AND EVENTS

COMPANY