Emergency Response

Exploit Disclosure In the early morning of September 7, Beijing time, a developer disclosed a Metasploit exploit module for the Windows remote desktop services remote code execution vulnerability (CVE-2019-0708) on GitHub. The initial public exploit module (BlueKeep) for the CVE-2019-0708 vulnerability could cause old versions of Windows (Windows 7 SP1 x64 and Windows 2008 R2 […]

Vulnerability Description Recently, Atlassian released a security advisory, announcing remediation of a local file disclosure vulnerability (CVE-2019-3394) in Confluence products.

Overview On August 21, 2019, local time, Cisco officially released multiple security advisories, announcing remediation of critical vulnerabilities in a number of products. These vulnerabilities include authentication bypass and remote code execution vulnerabilities and the most critical one gets a CVSS score of 9.8.

Overview Recently, Cisco Talos published several technical analysis reports, claiming that Aspose.cells and Aspose.words in Aspose products contain remote code execution vulnerabilities, which can be exploited via a maliciously crafted file to result in remote code execution.

Overview On August 28, 2019, local time, Cisco released a security advisory, announcing remediation of an authentication bypass vulnerability (CVE-2019-12643) in the Cisco REST API virtual service container for Cisco IOS XE Software.

Vulnerability Overview On August 14, 2019, Beijing time, Microsoft released remote desktop (RDP) service fixes and patches for a series of vulnerabilities, including two critical remote code execution (RCE) vulnerabilities (CVE-2019-1181 and CVE-2019-1182). Similar to the BlueKeep vulnerability (CVE-2019-0708) previously fixed, vulnerabilities disclosed this time have characteristics of worms. In other words, attackers could exploit […]

Overview Recently, a security researcher disclosed a heap-based buffer overflow vulnerability (CVE-2019-14378) in the SLiRP networking backend in the QEMU emulator. An attacker could exploit this vulnerability to crash the QEMU process on a host machine, resulting in a denial of service, or possibly execute arbitrary code with privileges of the QEMU process.

Vulnerability Overview Ghostscript is a suite of software based on an interpreter for Adobe System’s PostScript and Portable Document Format (PDF) page description languages. It is widely used as a raster image processor (RIP) for raster computer printers. Currently, it has been ported from Linux to other operating systems, including UNIX, Mac OS X, VMS, […]

Overview On August 13, local time, a researcher from a vulnerability laboratory (vxrl team) disclosed a remote code execution vulnerability (CVE-2019-14422) in TortoiseSVN. The URI handler of TortoiseSVN (Tsvncmd:) allows a customized diff operation on Excel workbooks. This vulnerability could be used to open remote workbooks without protection from macro security settings to execute arbitrary […]

Vulnerability Description On August 28, 2019, Artifex submitted “Bug 701446: Avoid divide by zero in shading” on the master branch of Ghostscript and announced remediation of four -dSAFER sandbox bypass vulnerabilities. -dSAFER is a security sandbox used by Ghostscript for prevention of insecure PostScript operations.