Emergency Response

Multiple Cisco Products Contain Critical Vulnerabilities Threat Alert

September 20, 2019 | Mina Hao

Overview On August 21, 2019, local time, Cisco officially released multiple security advisories, announcing remediation of critical vulnerabilities in a number of products. These vulnerabilities include authentication bypass and remote code execution vulnerabilities and the most critical one gets a CVSS score of 9.8.

Aspose Remote Code Execution Vulnerabilities (CVE-2019-5032/5033/5041) Threat Alert

September 17, 2019 | Mina Hao

Overview Recently, Cisco Talos published several technical analysis reports, claiming that Aspose.cells and Aspose.words in Aspose products contain remote code execution vulnerabilities, which can be exploited via a maliciously crafted file to result in remote code execution.

Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability (CVE-2019-12643) Threat Alert

September 13, 2019 | Mina Hao

Overview On August 28, 2019, local time, Cisco released a security advisory, announcing remediation of an authentication bypass vulnerability (CVE-2019-12643) in the Cisco REST API virtual service container for Cisco IOS XE Software.

Microsoft RDS Remote Code Execution Vulnerabilities (CVE-2019-1181-1182)Threat Alert

September 10, 2019 | Mina Hao

Vulnerability Overview On August 14, 2019, Beijing time, Microsoft released remote desktop (RDP) service fixes and patches for a series of vulnerabilities, including two critical remote code execution (RCE) vulnerabilities (CVE-2019-1181 and CVE-2019-1182). Similar to the BlueKeep vulnerability (CVE-2019-0708) previously fixed, vulnerabilities disclosed this time have characteristics of worms. In other words, attackers could exploit […]

QEMU VM Escape Vulnerability (CVE-2019-14378) Threat Alert

September 9, 2019 | Mina Hao

Overview Recently, a security researcher disclosed a heap-based buffer overflow vulnerability (CVE-2019-14378) in the SLiRP networking backend in the QEMU emulator. An attacker could exploit this vulnerability to crash the QEMU process on a host machine, resulting in a denial of service, or possibly execute arbitrary code with privileges of the QEMU process.

Ghostscript .buildfont1 –dSAFER Sandbox Bypass Vulnerability

September 6, 2019 | Mina Hao

Vulnerability Overview Ghostscript is a suite of software based on an interpreter for Adobe System’s PostScript and Portable Document Format (PDF) page description languages. It is widely used as a raster image processor (RIP) for raster computer printers. Currently, it has been ported from Linux to other operating systems, including UNIX, Mac OS X, VMS, […]

TortoiseSVN Remote Code Execution Vulnerability (CVE-2019-14422) Threat Alert

September 3, 2019 | Mina Hao

Overview On August 13, local time, a researcher from a vulnerability laboratory (vxrl team) disclosed a remote code execution vulnerability (CVE-2019-14422) in TortoiseSVN. The URI handler of TortoiseSVN (Tsvncmd:) allows a customized diff operation on Excel workbooks. This vulnerability could be used to open remote workbooks without protection from macro security settings to execute arbitrary […]

Ghostscript -dSAFER Multiple Sandbox Bypass Vulnerabilities Threat Alert

September 2, 2019 | Mina Hao

Vulnerability Description On August 28, 2019, Artifex submitted “Bug 701446: Avoid divide by zero in shading” on the master branch of Ghostscript and announced remediation of four -dSAFER sandbox bypass vulnerabilities. -dSAFER is a security sandbox used by Ghostscript for prevention of insecure PostScript operations.

Ghostscript -dSAFER Sandbox Bypass Vulnerability (CVE-2019-10216) Threat Alert

August 30, 2019 | Mina Hao

Overview Recently, Ghostscript announced the discovery of the -dSAFER sandbox bypass vulnerability (CVE-2019-10216). The .buildfont1 procedure in Ghostscript does not properly restrict privileged calls, which allows attackers to escalate privileges and access files beyond the restricted domain.

Adobe Security Bulletins for August 2019 Security Updates Threat Alert

August 26, 2019 | Mina Hao

Overview On August 13, 2019, local time, Adobe officially released August’s security updates to fix multiple vulnerabilities in its various products, including Adobe Photoshop CC , Adobe Experience Manager, Adobe Acrobat and Reader, Adobe Creative Cloud Desktop Application, Adobe Prelude CC, Adobe Premiere Pro CC, Adobe Character Animator CC, and Adobe After Effects CC.