Overview Microsoft released the June 2020 security patches on Tuesday that fix 130 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including Adobe Flash Player, Android App, Apps, Azure DevOps, Diagnostics Hub, HoloLens, Internet Explorer, Microsoft Browsers, Microsoft Edge, Microsoft Edge (Chromium-based) in IE Mode,...
Categoria: Emergency Response
Adobe Security Bulletins for June 2020 Security Updates
Overview On June 10, 2020, local time, Adobe officially released June's security updates to fix multiple vulnerabilities in its various products, including Adobe FrameMaker, Adobe Experience Manager, and Adobe Flash Player. For details about the security bulletins and advisories, visit the following link: https://helpx.adobe.com/security.html (mais…)
Yongyou NC Remote Command Execution Vulnerability Threat Alert
Overview Recently, a domestic security organization released a security advisory to announce a remote code execution vulnerability in Yongyou NC. An attacker could exploit this vulnerability to trigger a deserialization vulnerability via a crafted HTTP request, causing remote code execution on a target server. Yongyou NC is a piece of...
WebSphere Remote Code Execution Vulnerability (CVE-2020-4450) Threat Alert
Vulnerability Description On June 5, Beijing time, IBM released a security advisory to announce the fix of a remote code execution vulnerability (CVE-2020-4450) in WebSphere Application Server (WAS). This vulnerability is caused by deserialization of the IIOP protocol. An unauthenticated attacker could target the WAS server remotely via the IIOP...
Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796) Technical Analysis and Solution
Overview On March 11, Beijing time, Microsoft released March 2020 updates to fix vulnerabilities among which is a remote code execution vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3) indicated in a security bulletin released earlier. This vulnerability exists in the way the Microsoft SMBv3 protocol handles certain requests. An...
Apache Kylin Remote Code Execution Vulnerability (CVE-2020-1956) Threat Alert
Vulnerability Description Recently, Apache released a security advisory to announce the fix of a remote code execution vulnerability (CVE-2020-1956) in Apache Kylin. Apache Kylin has some RESTful APIs that will associate OS commands with user-typed strings. As Apache Kylin fails to properly verify user inputs, an attacker could execute arbitrary...
