(Report ID: 201827)
Internet Threat Status
CVE Statistics
The number of new CVE IDs increased considerably last week.
Threat Review
XXE in WeChat Pay Sdk|WeChat leave a backdoor on merchant websites (07-01-2018)
A payment security researcher found an XXE vulnerability in the JAVA version SDK. The attacker can build malicious payload towards the notification URL to steal any information of the merchant server as he or she wants. Once the attacker gets the crucial security key (md5-key and merchant-Id etc.) of the merchant , he can even make purchase without paying by just sending forged info to deceive the merchants. http://seclists.org/fulldisclosure/2018/Jul/3
WordPress 4.9.7 Security and Maintenance Release (07-05-2018)
WordPress versions 4.9.6 and earlier are affected by a media issue that could potentially allow a user with certain capabilities to attempt to delete files outside the uploads directory.Now it has been fixed by in WorldPress 4.9.7. Users are strongly advised to update their sites immediately. https://wordpress.org/news/2018/07/wordpress-4-9-7-security-and-maintenance-release/
Google July 2018 Android patches fixes critical vulnerabilities (07-06-2018)
Last week,Google released the July 2018 Android patches that address a total of 11 vulnerabilities, including three Critical issues and 8 High-risk flaws that affect the framework, media framework, and system. The most severe vulnerability affecting the Framework (CVE-2018-9433) could be exploited by a remote attacker using a specially crafted pac file to execute arbitrary code within the context of a privileged process. Affected Android versions are Android 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. https://securityaffairs.co/wordpress/74230/security/google-july-2018-android-patches.html
Researchers Create Attacks That Compromise LTE Data Communication (07-02-2018)
Newly devised attacks on the Long Term Evolution (LTE) high-speed wireless
standard break the confidentiality and privacy of communication, a team of
researchers claim. https://www.securityweek.com/researchers-create-attacks-compromise-lte-data-communication
Flaws Expose Siemens Central Plant Clocks to Attacks (07-03-2018)
Siemens informed customers on Tuesday that some of its SICLOCK central
plant clocks are affected by several vulnerabilities, including ones that have been
rated “critical.” https://www.securityweek.com/flaws-expose-siemens-central-plant-clocks-attacks
(Compiled by: NSFOCUS TI & Cybersecurity Lab)
Vulnerability Research
Updates of NSFOCUS’s Vulnerability Database
As of 6 July 2018, there have been 40,314 vulnerabilities in NSFOCUS’s vulnerability database. Among 92 vulnerabilities that were newly-added last week, 18 were high-risk ones, 40 were of medium severity, and 34 were low-risk vulnerability.
Mozilla Firefox/Firefox ESR Integer Overflow Vulnerability (CVE-2018-12361)
Severity: Critical
CVE ID: CVE-2018-12361
Mozilla Firefox/Firefox ESR Same-origin Policy Bypass Vulnerability (CVE-2018-12358)
Severity: Critical
BID: 104562
CVE ID: CVE-2018-12358
Mozilla Firefox/Firefox ESR Security Bypass Vulnerability (CVE-2018-12370)
Severity: Low
BID: 104562
CVE ID: CVE-2018-12370
Mozilla Firefox/Firefox ESR Security Bypass Vulnerability (CVE-2018-12367)
Severity: Medium
BID: 104561
CVE ID: CVE-2018-12367
Mozilla Firefox/Firefox ESR Security Bypass Vulnerability (CVE-2018-12369)
Severity: Medium
BID: 104561
CVE ID:CVE-2018-12369
Mozilla Firefox/Firefox ESR Integer Overflow Vulnerability (CVE-2018-12371)
Severity: Medium
CVE ID: CVE-2018-12371
Mozilla Firefox/Firefox ESR Denial of Service Vulnerability (CVE-2018-5156)
Severity: Critical
CVE ID: CVE-2018-5156
Mozilla Firefox/Firefox ESR Use After Free Vulnerability(CVE-2018-12360)
Severity: Critical
BID: 104555
CVE ID: CVE-2018-12360
Mozilla Firefox/Firefox ESR Use After Free Vulnerability (CVE-2018-12359)
Severity: Critical
BID: 104555
CVE ID: CVE-2018-12359
Mozilla Firefox/Firefox ESR Arbitray Code Execution Vulnerability (CVE-2018-12368)
Severity: Medium
BID: 104560
CVE ID: CVE-2018-12368
Mozilla Firefox/Firefox ESR Information Disclosure Vulnerability (CVE-2018-12366)
Severity: Medium
BID: 104560
CVE ID: CVE-2018-12366
Mozilla Firefox/Firefox ESR Information Disclosure Vulnerability(CVE-2018-12365)
Severity: Medium
BID: 104560
CVE ID: CVE-2018-12365
Mozilla Firefox/Firefox ESR Cross Site Request Forgery Vulnerability (CVE-2018-12364)
Severity: Critical
BID: 104560
CVE ID: CVE-2018-12364
Mozilla Firefox/Firefox ESR Use After Free Vulnerability (CVE-2018-12363)
Severity: Critical
BID: 104560
CVE ID: CVE-2018-12363
Mozilla Firefox/Firefox ESR Integer Overflow Vulnerability (CVE-2018-12362)
Severity: Critical
BID: 104560
CVE ID: CVE-2018-12362
Mozilla Firefox/Firefox ESR Memory Corruption Vulnerability (CVE-2018-5186)
Severity: Critical
BID: 104557
CVE ID: CVE-2018-5186
Mozilla Firefox/Firefox ESR Memory Corruption Vulnerability (CVE-2018-5187)
Severity: Critical
BID: 104556
CVE ID: CVE-2018-5187
Mozilla Firefox/Firefox ESR Memory Corruption Vulnerability(CVE-2018-5188)
Severity: Critical
BID: 104555
CVE ID: CVE-2018-5188
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1715)
Severity: Low
CVE ID: CVE-2017-1715
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1717)
Severity: Low
CVE ID: CVE-2017-1717
IBM RQM/RCLM Information Disclosure Vulnerability (CVE-2017-1691)
Severity: Low
CVE ID: CVE-2017-1691
ImageMagick Denial of Service Vulnerability (CVE-2018-11656)
Severity: Medium
CVE ID: CVE-2018-11656
ImageMagick Denial of Service Vulnerability (CVE-2018-11251)
Severity: Medium
CVE ID: CVE-2018-11251
ImageMagick Denial of Service Vulnerability (CVE-2018-11655)
Severity: Medium
CVE ID: CVE-2018-11655
ImageMagick Denial of Service Vulnerability (CVE-2017-18273)
Severity: Medium
CVE ID: CVE-2017-18273
ImageMagick Denial of Service Vulnerability (CVE-2017-18271)
Severity: Medium
CVE ID: CVE-2017-18271
ImageMagick Denial of Service Vulnerability (CVE-2017-18272)
Severity: Medium
CVE ID: CVE-2017-18272
ImageMagick Denial of Service Vulnerability (CVE-2017-17914)
Severity: Medium
CVE ID: CVE-2017-17914
ImageMagick Memory Leak Vulnerability (CVE-2017-17887)
Severity: Medium
CVE ID: CVE-2017-17887
ImageMagick Memory Leak Vulnerability (CVE-2017-17886)
Severity: Medium
CVE ID:CVE-2017-17886
ImageMagick Memory Leak Vulnerability (CVE-2017-17885)
Severity: Medium
CVE ID: CVE-2017-17885
ImageMagick Denial of Service Vulnerability (CVE-2017-17884)
Severity: Medium
CVE ID: CVE-2017-17884
ImageMagick Denial of Service Vulnerability (CVE-2017-17881)
Severity: Medium
CVE ID: CVE-2017-17881
ImageMagick Denial of Service Vulnerability (CVE-2017-17882)
Severity: Medium
CVE ID: CVE-2017-17882
ImageMagick Denial of Service Vulnerability (CVE-2017-17883)
Severity: Medium
CVE ID: CVE-2017-17883
ImageMagick Heap Buffer Overflow Vulnerability (CVE-2017-17504)
Severity: Medium
CVE ID:CVE-2017-17504
GraphicsMagick Buffer Overflow Vulnerability (CVE-2017-17912)
Severity: Medium
CVE ID: CVE-2017-17912
GraphicsMagick Buffer Overflow Vulnerability (CVE-2017-17783)
Severity: Medium
CVE ID: CVE-2017-17783
GraphicsMagick Buffer Overflow Vulnerability (CVE-2017-17782)
Severity: Medium
CVE ID: CVE-2017-17782
GraphicsMagick Buffer Overflow Vulnerability (CVE-2017-17915)
Severity: Medium
CVE ID: CVE-2017-17915
Medtronic MyCareLink Patient Monitor Debug Function Privilege Escalation Vulnerability(CVE-2018-8868)
Severity: Medium
CVE ID: CVE-2018-8868
Linux kernel fs/xfs/libxfs/xfs_attr_leaf.c Denial of Service Vulnerability (CVE-2018-13094)
Severity: Medium
CVE ID: CVE-2018-13094
Linux kernel lookup_slow() Denial of Service Vulnerability (CVE-2018-13093)
Severity: Low
CVE ID: CVE-2018-13093
Linux kernel fs/f2fs/super.c Denial of Service Vulnerability(CVE-2018-13096)
Severity: Low
CVE ID: CVE-2018-13096
Linux kernel fs/xfs/libxfs/xfs_inode_buf.c Denial of Service Vulnerability (CVE-2018-13095)
Severity: Medium
CVE ID: CVE-2018-13095
Medtronic MyCareLink Patient Monitor Hardcoded Password Vulnerability (CVE-2018-8870)
Severity: Medium
CVE ID: CVE-2018-8870
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1592)
Severity: Low
CVE ID: CVE-2017-1592
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1250)
Severity: Low
CVE ID: CVE-2017-1250
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1277)
Severity: Low
CVE ID: CVE-2017-1277
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1275)
Severity: Low
CVE ID: CVE-2017-1275
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1281)
Severity: Low
CVE ID: CVE-2017-1281
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1280)
Severity: Low
CVE ID: CVE-2017-1280
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1293)
Severity: Low
CVE ID: CVE-2017-1293
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1294)
Severity: Low
CVE ID: CVE-2017-1294
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1313)
Severity: Low
CVE ID: CVE-2017-1313
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1312)
Severity: Low
CVE ID: CVE-2017-1312
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1306)
Severity: Low
CVE ID: CVE-2017-1306
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1299)
Severity: Low
CVE ID: CVE-2017-1299
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1314)
Severity: Low
CVE ID: CVE-2017-1314
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1315)
Severity: Low
CVE ID: CVE-2017-1315
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1316)
Severity: Low
CVE ID: CVE-2017-1316
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1317)
Severity: Low
CVE ID: CVE-2017-1317
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1561)
Severity: Low
CVE ID: CVE-2017-1561
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1564)
Severity: Low
CVE ID: CVE-2017-1564
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1562)
Severity: Low
CVE ID: CVE-2017-1562
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1565)
Severity: Low
CVE ID: CVE-2017-1565
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1568)
Severity: Low
CVE ID: CVE-2017-1568
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1608)
Severity: Low
CVE ID: CVE-2017-1608
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1690)
Severity: Low
CVE ID: CVE-2017-1690
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1652)
Severity: Low
CVE ID: CVE-2017-1652
IBM RQM/RCLM Cross-site Scripting Vulnerability (CVE-2017-1651)
Severity: Low
CVE ID: CVE-2017-1651
SICLOCK TC100/TC400 Arbitray Code Execution Vulnerability (CVE-2018-4853)
Severity: Critical
CVE ID: CVE-2018-4853
SICLOCK TC100/TC400 Denial of Service Vulnerability (CVE-2018-4851)
Severity: Critical
CVE ID: CVE-2018-4851
SICLOCK TC100/TC400 Security Bypass Vulnerability (CVE-2018-4852)
Severity: Critical
CVE ID: CVE-2018-4852
SICLOCK TC100/TC400 Information Disclosure Vulnerability (CVE-2018-4855)
Severity: Critical
CVE ID: CVE-2018-4855
SICLOCK TC100/TC400 Arbitray Code Execution Vulnerability (CVE-2018-4854)
Severity: Critical
CVE ID: CVE-2018-4854
SICLOCK TC100/TC400 Access Control Vulnerability(CVE-2018-4856)
Severity: Low
CVE ID: CVE-2018-4856
Schneider Electric U.motion Builder Xmlserver SQL Injection Vulnerability (CVE-2018-7769)
Severity: Medium
CVE ID: CVE-2018-7769
Schneider Electric U.motion Builder Loadtemplate SQL Injection / Remote Code Execution Vulnerability (CVE-2018
-7768)
Severity: Medium
CVE ID: CVE-2018-7768
Schneider Electric U.motion Builder Editobject SQL Injection / Remote Code Execution Vulnerability (CVE-2018-
7767)
Severity: Medium
CVE ID: CVE-2018-7767
Schneider Electric U.motion Builder Track_getdata SQL Injection / Remote Code Execution Vulnerability(CVE-2018
-7766)
Severity: Medium
CVE ID: CVE-2018-7766
Schneider Electric U.motion Builder Track_import_export SQL Injection Vulnerability (CVE-2018-7765)
Severity: Critical
CVE ID: CVE-2018-7765
Schneider Electric U.motion Builder Runscript Directory Traversal Vulnerability / Information Disclosure
Vulnerability(CVE-2018-7764)
Severity: Low
CVE ID: CVE-2018-7764
Schneider Electric U.motion Builder Css.inc Directory Traversal Vulnerability / Information Disclosure
Vulnerability(CVE-2018-7763)
Severity: Low
CVE ID: CVE-2018-7763
Schneider Electric U.motion Builder sendmail.php Information Disclosure Vulnerability (CVE-2018-7770)
Severity: Medium
CVE ID: CVE-2018-7770
Schneider Electric U.motion Builder Editscript Directory Traversal Vulnerability (CVE-2018-7771)
Severity: Medium
CVE ID: CVE-2018-7771
Schneider Electric U.motion Builder HTTP Cookie SQL Injection /Remote Code Execution Vulnerability(CVE-2018-7772)
Severity: Medium
CVE ID: CVE-2018-7772
Schneider Electric U.motion Builder Nfcserver SQL Injection / Remote Code Execution Vulnerability (CVE-2018-7773)
Severity: Medium
CVE ID: CVE-2018-7773
Schneider Electric U.motion Builder Localize SQL Injection / Remote Code Execution Vulnerability (CVE-2018-7774)
Severity: Medium
CVE ID: CVE-2018-7774
Schneider Electric U.motion Builder error.php Information Disclosure Vulnerability(CVE-2018-7775)
Severity: Medium
CVE ID: CVE-2018-7775
Schneider Electric U.motion Builder Remote Code Execution Vulnerability(CVE-2018-7777)
Severity: Critical
CVE ID: CVE-2018-7777
Schneider Electric U.motion Builder update_file Information Disclosure Vulnerability(CVE-2018-7776)
Severity: Medium
CVE ID: CVE-2018-7776
(Source:NSFOCUS Security Research & Product Groups)
Vulnerability in the Spotlight
Mozilla Firefox Integer Overflow Vulnerability
NSFOCUS ID: 40237
CVE ID: CVE-2018-12362
Affected Versions:Mozilla Firefox < 61
Comments:
Firefox is an open-source Web browser.An integer overflow vulnerability was found during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler. With this vulnerability, an attacker could use a specially crafted website to execute arbitrary code or cause denail of service. The vendor has released patches to fix it. Users are advised to download the patches at the vendor’s website.
(Source:NSFOCUS Security Research & Product Groups)
