Emergency Response

Microsoft’s Security Patches for August Fix 95 Security Vulnerabilities Threat Alert

August 20, 2019 | Mina Hao

Overview Microsoft released August 2019 security patches on Tuesday that fix 95 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including Active Directory, HTTP/2, Microsoft Bluetooth Driver, Microsoft Browsers, Microsoft Dynamics, Microsoft Edge, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Malware Protection Engine, Microsoft NTFS, Microsoft Office, Microsoft Office […]

KDE Frameworks Command Execution Vulnerability (CVE-2019-14744) Threat Alert

August 19, 2019 | Mina Hao

Overview Recently, a security researcher took to Twitter to disclose a KDE Frameworks command injection vulnerability, which stems from how the KDesktopFile class handles .desktop, .directory, and configuration files. An attacker could create malicious files of these types, which, once viewed with the KDE file viewer, could trigger the vulnerability, leading to code execution without […]

Cisco Small Business 220 Series Smart Switches Multiple Vulnerabilities Threat Alert

August 14, 2019 | Mina Hao

Overview On August 6, 2019, local time, Cisco released security advisories on remediation of three vulnerabilities in Small Business 220 Series Smart Switches, including two critical ones, one of which has a CVSS 3.0 score as high as 9.8.

Apache Solr Remote Code Execution Vulnerability (CVE-2019-0193) Threat Alert

August 13, 2019 | Mina Hao

1 Vulnerability Overview Recently, Apache Software Foundation (ASF) issued a security bulletin to announce the fix of the remote arbitrary code execution vulnerability (CVE-2019-0193) in Apache Solr. This vulnerability exists in the DataImportHandler module, a common module used to import data from databases or other sources. The whole DIH configuration of this module can come […]

ProFTPd Arbitrary File Copy Vulnerability (CVE-2019-12815) Threat Alert

August 12, 2019 | Mina Hao

Overview Recently, an official security bulletin was released to announce the remediation of an arbitrary file copy vulnerability (CVE-2019-12815) in ProFTPd. This vulnerability lies in the custom SITE CPFR and SITE CPTO operations in the mod_copy module. By issuing the two commands to ProFTPd, an attacker can copy any file on the FTP server without […]

Jackson-databind Remote Code Execution Vulnerability Technical Analysis

August 7, 2019 | Mina Hao

Vulnerability Overview On June 21, Red Hat officially released a security bulletin to announce the fix for a vulnerability in jackson-databind. This vulnerability, with a CVSS score of 8.1, affects multiple Red Hat products, and a sophisticated exploit using this vulnerability has been observed in the wild. On July 22, a security researcher named Andrea Brancaleoni […]

Jackson-databind Remote Code Execution Vulnerability (CVE-2019-12384) Threat Alert

August 6, 2019 | Mina Hao

Overview Recently, a security researcher discovered a vulnerability (CVE-2019-12384) in jackson-databind, noting that when certain conditions are met, an attacker could, via a malicious request, bypass the blacklist restriction and remotely execute code on an affected server during deserialization.

Drupal Access Bypass Vulnerability (CVE-2019-6342) Technical Analysis

August 5, 2019 | Mina Hao

1 Vulnerability Description Recently, Drupal released a security advisory on the remediation of an access bypass vulnerability (CVE-2019-6342). In Drupal 8.7.4, when the experimental Workspaces module is enabled, an access bypass condition is created. In terms of the security risk, Drupal rates the vulnerability as Critical.

Drupal Access Bypass Vulnerability (CVE-2019-6342) Threat Alert

July 31, 2019 | Mina Hao

Overview On July 17, 2019, local time, Drupal released a security advisory on the remediation of an access bypass vulnerability (CVE-2019-6342). In Drupal 8.7.4, when the experimental Workspaces module is enabled, an access bypass condition is created. In terms of the security risk, Drupal rates the vulnerability as Critical.

Atlassian Jira Unauthorized Template Injection Vulnerability (CVE-2019-11581) Threat Alert

July 29, 2019 | Mina Hao

1 Vulnerability Description Recently, the Jira vendor released a security advisory on a template injection vulnerability in Jira Server and Jira Data Center, which could cause remote code execution when either of the following conditions is met: An SMTP server has been configured in Jira and the Contact Administrators Form is enabled. An SMTP server […]