Ixia ATI Update 2018-14

Defects Resolved

Ticket Info
DE9764 Fixed the issue of incorrect length of optional fields (such as password length) when using tokens.

Enhancements

Ticket Info
US88111 10 new SSL keys and certificates (5 client pairs and 5 server pairs) were created. The key length ranges from 512 bytes to 4096 bytes, and the certificates have SHA256 signatures. The newly added TLSv1.x Average HTTPS 2018 SuperFlows use the 2048 byte key. They are identical except for the TLS version: 1.0/1.1/1.2.

New Super Flows (3)

Name Category Info
TLSv1.0 Average HTTPS 2018 Testing and Measurement Simulates HTTP 1.1 over TLSv1.0 sessions exchanging an average-sized web page as of 2018.
TLSv1.1 Average HTTPS 2018 Testing and Measurement Simulates HTTP 1.1 over TLSv1.1 sessions exchanging an average-sized web page as of 2018.
TLSv1.2 Average HTTPS 2018 Testing and Measurement Simulates HTTP 1.1 over TLSv1.2 sessions exchanging an average-sized web page as of 2018.

New Strikes (14)

CVSS ID References Category Info
10.0 E18-0jxc1 BID-103039
CVE-2018-1216
CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C)
URL
Exploits This strike exploits an authentication bypass on Dell EMC VMAX Virtual Appliance Manager. This vulnerability is due to improper use of an undocumented account, "smc". A remote attacker can exploit this vulnerability by sending the hardcoded account and password to the system. Successful exploitation results in authentication bypass on the target server.
10.0 E17-m9va1 BID-100467
CVE-2017-12542
CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C)
SECURITYTRACKER-1039222
URL
Exploits This strike exploits an authentication bypass vulnerability in HPE Integrated Lights-out (iLO 4). This vulnerability is due to inadequate input filtering in the HTTP Connection header. The vulnerability could be exploited remotely by creating an administrator account and then executing code.
9.3 E18-maz42 BID-103597
CVE-2018-1012
CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C)
SECURITYTRACKER-1040656
URL
Exploits This strike exploits a vulnerability in the Windows Font Library. The vulnerability is caused by improper handling of Format 12 mapping tables in a TrueType Font file. A remote attacker could exploit the vulnerability to execute arbitrary code or cause a denial of service by enticing a user to open a specially crafted TrueType file.
9.3 E18-0jmw1 BID-102886
CVE-2018-0840
CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C)
EXPLOITDB-44077
GOOGLE-1438
Exploits This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the JavaScript Chakra engine. It is possible to craft JavaScript in such a way that it bypasses the ImplicitCallFlags check by throwing an exception. This may lead to a denial of service condition in the browser, or potentially remote code execution.
7.9 E18-0juf1 BID-104195
CVE-2018-1111
CVSS-7.9 (AV:A/AC:M/AU:N/C:C/I:C/A:C)
EXPLOITDB-44652
Exploits This strike exploits a command injection vulnerability in the Red Hat Network Manager. The vulnerability is due to improper validation of the DHCP 'Option Message' field within the DHCP Offer packet sent by the DHCP server. A remote attacker could exploit this vulnerability by sending malicious DHCP responses to the target machine. Successful exploitation could result in arbitrary command execution with root privileges.
7.6 D18-0jng1 BID-102883
CVE-2018-0860
CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C)
EXPLOITDB-44076
GOOGLE-1437
Denial This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the JavaScript Chakra engine. It is possible to craft JavaScript in a way that can abuse the Object.prototype.valueOf method to return 'this', and can use it as the getter to return an array object on the stack. This may lead to a denial of service condition in the browser, or potentially remote code execution.
7.6 D18-0jmt1 BID-102876
CVE-2018-0837
CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C)
EXPLOITDB-44081
GOOGLE-1464
Denial This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the JavaScript Chakra engine. It is possible to craft JavaScript in such a way that type confusion can occur when handling LdThis objects. This may lead to a denial of service condition in the browser, or potentially remote code execution.
7.2 E18-mb4h1 BID-104034
CVE-2018-8120
CVSS-7.2 (AV:L/AC:L/AU:N/C:C/I:C/A:C)
SECURITYTRACKER-1040849
URL
Exploits This strike exploits an elevation of privilege vulnerability in Windows. The vulnerability is due to the Win32k component failing to properly handle objects in memory. An attacker can take advantage of this vulnerability to execute malicious commands as SYSTEM.
6.8 E18-0qo61 CVE-2018-9958
CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P)
ZDI-18-332
Exploits This strike exploits a use-after-free vulnerability in Foxit Reader. The vulnerability is due to improper initialization of a pointer prior to accessing it. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PDF file, resulting in possible execution of arbitrary code.
6.8 E18-0mt11 CVE-2018-4949
CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P)
URL
ZDI-18-437
Exploits This strike exploits an integer overflow vulnerability in the Adobe Acrobat Reader ImageConversion component. The vulnerability is due to improper parsing of EmfPlusDrawBeziers data records in an EMF file. Successful exploitation may result in execution of arbitrary code with user privileges. Failure to exploit will not typically result in a crash.
6.5 E18-5jmk1 CVE-2018-12636
CVSS-6.5 (AV:N/AC:L/AU:S/C:P/I:P/A:P)
EXPLOITDB-44943
Exploits This strike exploits a blind SQL injection in the WordPress iThemes Security plugin. The vulnerability is due to insufficient sanitization of user input passed to the 'orderby' parameter. A specially crafted HTTP GET request can cause SQL injection in the context of the database user.
6.5 E18-5jlx1 BID-104532
CVE-2018-12613
CVSS-6.5 (AV:N/AC:L/AU:S/C:P/I:P/A:P)
EXPLOITDB-44924
Exploits This strike exploits a file inclusion vulnerability in phpMyAdmin 4.8.1. The vulnerability is caused by insufficient validation of user input on HTTP requests which are used to create file include queries. Successful exploitation could allow an attacker to have read/execute access on the target server.
4.3 E18-0n9q1 CVE-2018-5550
CVSS-4.3 (AV:N/AC:M/AU:N/C:N/I:P/A:N)
SCIP-113045
URL
Exploits This strike exploits a cross-site scripting vulnerability in Epson's web configuration page for AirPrint in certain Epson printer products. This vulnerability is due to inadequate input filtering in the INPUTT_GEOLOCATION parameter. By exploiting this vulnerability an attacker could execute arbitrary scripts on the target machine.
3.5 E18-8vo01 CVE-2018-1000528
CVSS-3.5 (AV:N/AC:M/AU:S/C:N/I:P/A:N)
URL
Exploits This strike exploits a cross-site scripting vulnerability in GOsa, a web-based LDAP administration program. This vulnerability is due to inadequate input filtering in the web interface when changing the password within the 'password.php' form. By exploiting this vulnerability an attacker could cause arbitrary HTML/script code to be executed by the target user's browser.