VARIoT IoT vulnerabilities database
| VAR-201804-1331 | CVE-2018-7931 | Huawei AppGallery Vulnerabilities related to security functions |
CVSS V2: 4.3 CVSS V3: 4.3 Severity: MEDIUM |
Huawei AppGallery versions before 8.0.4.301 has a whitelist mechanism bypass vulnerability. An attacker may set up a malicious network environment and trick user into accessing a malicious web page to bypass the whitelist mechanism. Huawei AppGallery Contains vulnerabilities related to security features.Information may be tampered with. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Huawei App Market. The issue lies in the lack of verification that content was loaded over a secure channel. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Huawei AppGallery is a software integrated in Huawei mobile phones for downloading third-party applications from Huawei of China
| VAR-201806-1456 | CVE-2018-4204 | plural Apple Used in products Webkit Vulnerability in arbitrary code execution in components |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within of the Array.splice method. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. WebKit is prone to multiple memory corruption vulnerabilities. Failed exploit attempts may result in a denial-of-service condition. Both Apple iOS and Safari are products of Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A memory corruption vulnerability exists in the WebKit component of Apple iOS versions prior to 11.3.1 and Safari versions prior to 11.1. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2018-04-24-3 Safari 11.1 (v. 11605.1.33.1.4, 12605.1.33.1.4, and 13605.1.33.1.4)
may be obtained from the Mac App Store. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: August 22, 2018
Bugs: #652820, #658168, #662974
ID: 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4"
References
==========
[ 1 ] CVE-2018-11646
https://nvd.nist.gov/vuln/detail/CVE-2018-11646
[ 2 ] CVE-2018-11712
https://nvd.nist.gov/vuln/detail/CVE-2018-11712
[ 3 ] CVE-2018-11713
https://nvd.nist.gov/vuln/detail/CVE-2018-11713
[ 4 ] CVE-2018-12293
https://nvd.nist.gov/vuln/detail/CVE-2018-12293
[ 5 ] CVE-2018-12294
https://nvd.nist.gov/vuln/detail/CVE-2018-12294
[ 6 ] CVE-2018-4101
https://nvd.nist.gov/vuln/detail/CVE-2018-4101
[ 7 ] CVE-2018-4113
https://nvd.nist.gov/vuln/detail/CVE-2018-4113
[ 8 ] CVE-2018-4114
https://nvd.nist.gov/vuln/detail/CVE-2018-4114
[ 9 ] CVE-2018-4117
https://nvd.nist.gov/vuln/detail/CVE-2018-4117
[ 10 ] CVE-2018-4118
https://nvd.nist.gov/vuln/detail/CVE-2018-4118
[ 11 ] CVE-2018-4119
https://nvd.nist.gov/vuln/detail/CVE-2018-4119
[ 12 ] CVE-2018-4120
https://nvd.nist.gov/vuln/detail/CVE-2018-4120
[ 13 ] CVE-2018-4121
https://nvd.nist.gov/vuln/detail/CVE-2018-4121
[ 14 ] CVE-2018-4122
https://nvd.nist.gov/vuln/detail/CVE-2018-4122
[ 15 ] CVE-2018-4125
https://nvd.nist.gov/vuln/detail/CVE-2018-4125
[ 16 ] CVE-2018-4127
https://nvd.nist.gov/vuln/detail/CVE-2018-4127
[ 17 ] CVE-2018-4128
https://nvd.nist.gov/vuln/detail/CVE-2018-4128
[ 18 ] CVE-2018-4129
https://nvd.nist.gov/vuln/detail/CVE-2018-4129
[ 19 ] CVE-2018-4133
https://nvd.nist.gov/vuln/detail/CVE-2018-4133
[ 20 ] CVE-2018-4146
https://nvd.nist.gov/vuln/detail/CVE-2018-4146
[ 21 ] CVE-2018-4162
https://nvd.nist.gov/vuln/detail/CVE-2018-4162
[ 22 ] CVE-2018-4163
https://nvd.nist.gov/vuln/detail/CVE-2018-4163
[ 23 ] CVE-2018-4165
https://nvd.nist.gov/vuln/detail/CVE-2018-4165
[ 24 ] CVE-2018-4190
https://nvd.nist.gov/vuln/detail/CVE-2018-4190
[ 25 ] CVE-2018-4192
https://nvd.nist.gov/vuln/detail/CVE-2018-4192
[ 26 ] CVE-2018-4199
https://nvd.nist.gov/vuln/detail/CVE-2018-4199
[ 27 ] CVE-2018-4200
https://nvd.nist.gov/vuln/detail/CVE-2018-4200
[ 28 ] CVE-2018-4201
https://nvd.nist.gov/vuln/detail/CVE-2018-4201
[ 29 ] CVE-2018-4204
https://nvd.nist.gov/vuln/detail/CVE-2018-4204
[ 30 ] CVE-2018-4214
https://nvd.nist.gov/vuln/detail/CVE-2018-4214
[ 31 ] CVE-2018-4218
https://nvd.nist.gov/vuln/detail/CVE-2018-4218
[ 32 ] CVE-2018-4222
https://nvd.nist.gov/vuln/detail/CVE-2018-4222
[ 33 ] CVE-2018-4232
https://nvd.nist.gov/vuln/detail/CVE-2018-4232
[ 34 ] CVE-2018-4233
https://nvd.nist.gov/vuln/detail/CVE-2018-4233
[ 35 ] CVE-2018-4261
https://nvd.nist.gov/vuln/detail/CVE-2018-4261
[ 36 ] CVE-2018-4262
https://nvd.nist.gov/vuln/detail/CVE-2018-4262
[ 37 ] CVE-2018-4263
https://nvd.nist.gov/vuln/detail/CVE-2018-4263
[ 38 ] CVE-2018-4264
https://nvd.nist.gov/vuln/detail/CVE-2018-4264
[ 39 ] CVE-2018-4265
https://nvd.nist.gov/vuln/detail/CVE-2018-4265
[ 40 ] CVE-2018-4266
https://nvd.nist.gov/vuln/detail/CVE-2018-4266
[ 41 ] CVE-2018-4267
https://nvd.nist.gov/vuln/detail/CVE-2018-4267
[ 42 ] CVE-2018-4270
https://nvd.nist.gov/vuln/detail/CVE-2018-4270
[ 43 ] CVE-2018-4272
https://nvd.nist.gov/vuln/detail/CVE-2018-4272
[ 44 ] CVE-2018-4273
https://nvd.nist.gov/vuln/detail/CVE-2018-4273
[ 45 ] CVE-2018-4278
https://nvd.nist.gov/vuln/detail/CVE-2018-4278
[ 46 ] CVE-2018-4284
https://nvd.nist.gov/vuln/detail/CVE-2018-4284
[ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003
https://webkitgtk.org/security/WSA-2018-0003.html
[ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004
https://webkitgtk.org/security/WSA-2018-0004.html
[ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005
https://webkitgtk.org/security/WSA-2018-0005.html
[ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006
https://webkitgtk.org/security/WSA-2018-0006.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201808-04
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2018 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-06-01-4 iOS 11.4
iOS 11.4 addresses the following:
Bluetooth
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4215: Abraham Masri (@cheesecakeufo)
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: A validation issue existed in the handling of phone
numbers. This issue was addressed with improved validation of phone
numbers.
CVE-2018-4100: Abraham Masri (@cheesecakeufo)
FontParser
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team
iBooks
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged network position may be able to
spoof password prompts in iBooks
Description: An input validation issue was addressed with improved
input validation.
CVE-2018-4202: Jerry Decime
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4249: Kevin Backhouse of Semmle Ltd.
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2018-4241: Ian Beer of Google Project Zero
CVE-2018-4243: Ian Beer of Google Project Zero
libxpc
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A logic issue was addressed with improved validation.
CVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro's Zero
Day Initiative
Magnifier
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
view the last image used in Magnifier from the lockscreen
Description: A permissions issue existed in Magnifier. This was
addressed with additional permission checks.
CVE-2018-4239: an anonymous researcher
Mail
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exfiltrate the contents of
S/MIME-encrypted e-mail
Description: An issue existed in the handling of encrypted Mail. This
issue was addressed with improved isolation of MIME in Mail.
CVE-2018-4227: Damian Poddebniak of MA1/4nster University of Applied
Sciences, Christian Dresen of MA1/4nster University of Applied Sciences,
Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster
University of Applied Sciences, Sebastian Schinzel of MA1/4nster
University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj
Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University
Bochum
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to conduct impersonation attacks
Description: An injection issue was addressed with improved input
validation.
CVE-2018-4235: Anurodh Pokharel of Salesforce.com
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted message may lead to a denial
of service
Description: This issue was addressed with improved message
validation.
CVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd
CVE-2018-4250: Metehan YA+-lmaz of Sesim Sarpkaya
Safari
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4247: FranASSois Renaud, Jesse Viviano of Verizon Enterprise
Solutions
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to read a persistent account
identifier
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4223: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Users may be tracked by malicious websites using client
certificates
Description: An issue existed in the handling of S-MIME
certificaties. This issue was addressed with improved validation of
S-MIME certificates.
CVE-2018-4221: Damian Poddebniak of MA1/4nster University of Applied
Sciences, Christian Dresen of MA1/4nster University of Applied Sciences,
Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster
University of Applied Sciences, Sebastian Schinzel of MA1/4nster
University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj
Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University
Bochum
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to read a persistent device
identifier
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4224: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to modify the state of the Keychain
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4225: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to view sensitive user information
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4226: Abraham Masri (@cheesecakeufo)
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
enable Siri from the lock screen
Description: An issue existed with Siri permissions. This was
addressed with improved permission checking.
CVE-2018-4238: Baljinder Singh, Muhammad khizer javed, Onur Can
BIKMAZ (@CanBkmaz) of Mustafa Kemal University
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
use Siri to read notifications of content that is set not to be
displayed at the lock screen
Description: An issue existed with Siri permissions. This was
addressed with improved permission checking.
CVE-2018-4252: Hunter Byrnes, Martin Winkelmann (@Winkelmannnn)
Siri Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker with physical access to a device may be able to
see private contact information
Description: An issue existed with Siri permissions. This was
addressed with improved permission checking.
CVE-2018-4244: an anonymous researcher
UIKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text file may lead to a
denial of service
Description: A validation issue existed in the handling of text. This
issue was addressed with improved validation of text.
CVE-2018-4198: Hunter Byrnes
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4188: YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4201: an anonymous researcher
CVE-2018-4218: Natalie Silvanovich of Google Project Zero
CVE-2018-4233: Samuel GroA (@5aelo) working with Trend Micro's Zero
Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils
of MWR Labs working with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a maliciously crafted website may lead to cookies
being overwritten
Description: A permissions issue existed in the handling of web
browser cookies. This issue was addressed with improved restrictions.
CVE-2018-4232: an anonymous researcher, Aymeric Chaib
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A race condition was addressed with improved locking.
CVE-2018-4192: Markus Gaasedelen, Nick Burnett, and Patrick Biernat
of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4214: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4204: found by OSS-Fuzz, Richard Zhu (fluorescence) working
with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2018-4246: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a maliciously crafted website may leak sensitive
data
Description: Credentials were unexpectedly sent when fetching CSS
mask images. This was addressed by using a CORS-enabled fetch method.
CVE-2018-4190: Jun Kokatsu (@shhnjk)
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4222: Natalie Silvanovich of Google Project Zero
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 11.4".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEWpnGpHhyhjM9LuGIyxcaHpDFUHMFAlsRa1ApHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQyxcaHpDFUHObHBAA
jBRwdrK3Eks7V798k16MQFOvlqkofZWO3D+Qxb5OSzxixGy0r/vml78tnerJ546C
p9UrL/1IxH1PERiWevubg6nbWFstBrOhY0FWLiope9oLAMB92iMM/7a+O/6EHjOc
9p6Y/Bud0OwFHEoJmN4HLGMUubm1uTAdalXSmfanxuFvjpxAeczYvW/+wAblOnHr
KfclXy68dfUlW0NMP0kbQwnk1lVrb8QKEeayYli19c8zSVC38eYyKYZwhRC37yWT
ViBRSz9zVvgJQKX4JgjV6cRO3uIFZX+sksr6VdMM0nHjsTUT6Mc+IAe9Is3YlJCO
x0H8+WeloeKrwNDs60Grz7tRNVpevIlInLEQJkuoOD3niWqzt0Q40IzCNlgd8FBv
ZB5iencgWy/ObRJSgoOq29EIlt+KEb9nSJx3h6kByo0ZxYhSVrDm44cHzCF0+/zN
vY4XR3hJpc1S3ySiSkWHIhqjPAEP7cb/D7Az/5SGgle8cklem5haOdzAkeOHnzim
laKEg+F3vue6W+n9iv0x0byVBhC5Xr1iNuRh7+uor5TIVPR2s4moWOWvyTruG2Kk
RLlL700y2OZl/04nTgxxShCwLygXiKd07nuFIh4fKiMcGw31HKx1Choof6sPHqzo
Grg2dx9YQXTCTIsdDNG581MIwzVvJPLSM5OeNsHQEd0=
=7ZCv
-----END PGP SIGNATURE-----
| VAR-201804-0461 | CVE-2017-1473 | IBM Security Access Manager Appliance Vulnerabilities related to cryptographic strength |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6 and 9.0.0 through 9.0.3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 128605. Vendors have confirmed this vulnerability IBM X-Force ID: 128605 It is released as.Information may be obtained. The program enables access management control through integrated devices for web, mobile and cloud computing. An attacker could exploit this vulnerability to decrypt sensitive information
| VAR-201804-1289 | CVE-2018-8880 | Lutron Quantum BACnet Integration Information Disclosure Vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) doesn't check for correct user authentication before showing the /deviceIP information, which leads to internal network information disclosure. Lutron Quantum BACnet Integration is a lighting control system developed by Lutron Electronics in the United States. There is a security vulnerability in Lutron Quantum BACnet Integration version 2.0 using firmware version 3.2.243. The vulnerability stems from the fact that the program does not properly verify the user's request before displaying /deviceIP information. Attackers can exploit this vulnerability to obtain network information
| VAR-201807-0364 | CVE-2018-14060 | Xiaomi R3D In the device OS Command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
OS command injection in the AP mode settings feature in /cgi-bin/luci /api/misystem/set_router_wifiap on Xiaomi R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data. Xiaomi R3D The device includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Xiaomi router R3D is a router.
There is a remote arbitrary command execution vulnerability in the Xiaomi router R3D. An attacker could exploit the vulnerability to remotely execute arbitrary code on an r3d device
| VAR-201807-0387 | CVE-2018-14010 | plural Xiaomi In product OS Command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P before 2.14.5, R3C before 2.12.15, R3 before 2.22.15, and R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data. plural Xiaomi The product includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Xiaomi routers R3D / R3P / R3C / R3 are all router products.
There is a remote arbitrary command execution vulnerability in the wi-fi setting function of several Xiaomi routers. An attacker could use this vulnerability to execute arbitrary code remotely
| VAR-201804-1748 | No CVE | (0Day) Advantech WebAccess HMI Designer PM3 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of a PM3 file. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
| VAR-201804-1755 | No CVE | (0Day) Advantech WebAccess HMI Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of a PM3 file. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
| VAR-201804-1751 | No CVE | (0Day) Advantech WebAccess HMI Designer PM3 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of a PM3 file. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
| VAR-201804-1754 | No CVE | (0Day) Advantech WebAccess HMI Designer PM3 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of a PM3 file. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
| VAR-201804-1745 | No CVE | (0Day) Advantech WebAccess HMI Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of a PM3 file. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
| VAR-201804-1746 | No CVE | (0Day) Advantech WebAccess HMI Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of a PM3 file. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
| VAR-201804-1747 | No CVE | (0Day) Advantech WebAccess HMI Designer PM3 File Parsing Double Free Remote Code Execution Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of a PM3 file. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process.
| VAR-201804-1750 | No CVE | (0Day) Advantech WebAccess HMI Designer PM2 File Conversion Double Free Remote Code Execution Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the conversion of a PM2 file to the PM3 format. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process.
| VAR-201804-1756 | No CVE | (0Day) Advantech WebAccess HMI Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of a PM3 file. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
| VAR-201804-1752 | No CVE | (0Day) Advantech WebAccess HMI Designer PM3 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of a PM3 file. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
| VAR-201804-1749 | No CVE | (0Day) Advantech WebAccess HMI Designer PM3 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of a PM3 file. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
| VAR-201804-1753 | No CVE | (0Day) Advantech WebAccess HMI Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of a PM3 file. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
| VAR-201804-1757 | No CVE | (0Day) Advantech WebAccess HMI Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of a PM3 file. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
| VAR-201804-0273 | CVE-2014-0927 | IBM Sterling B2B Integrator and IBM Sterling File Gateway Authentication vulnerability |
CVSS V2: 4.3 CVSS V3: 8.1 Severity: HIGH |
The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to bypass authentication by leveraging knowledge of the port number and webapp path. IBM X-Force ID: 92259. Vendors have confirmed this vulnerability IBM X-Force ID: 92259 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. IBM Sterling File Gateway is a set of file transfer software that integrates different file transfer methods and can realize secure interaction through the network