Ixia ATI Update 2017-08 (304821)

Ixia BreakingPoint Vulnerability Discovery

New BPS Advisories D17-yn901

New Application Profiles (1)

Name: Top Five Encrypted Based Apps 2016
Info: This traffic mix represents five of the most popular encrypted based applications in 2016.

New Strikes (10)

CVSS: 10.0
ID: E17-5zt01
References: BID-96960, CVE-2017-3881, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), SECURITYTRACKER-1038059, URL
Category: Exploits
Info: This strike exploits a buffer overflow in Cisco IOS Cluster Management Protocol (CMP). The Cluster Management Protocol utilizes telnet for internal communications. However, it does not verify communications are internal, allowing remote connections to send CMP messages. Certain CMP messages with the CISCO_KITS option are vulnerable to a buffer overflow. A remote, unauthenticated attacker can send a specially crafted CMP message to a vulnerable device to exploit this vulnerability. Successful exploitation may result in execution of arbitrary code or cause the device to crash and reload, resulting in a denial of service condition.

CVSS: 10.0
ID: E17-59j01
References: APSB-17-02, BID-95347, CVE-2017-2935, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), GOOGLE-1017
Category: Exploits
Info: This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to a heap overflow in AVC header slicing. An attacker can entice a target to open a specially crafted Flash file to trigger the vulnerability. Successful exploitation may result in abnormal termination of the Flash process.

CVSS: 10.0
ID: E17-59i01
References: APSB-17-02, BID-95347, CVE-2017-2934, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), GOOGLE-1016
Category: Exploits
Info: This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to a heap overflow in planar block decompression. An attacker can entice a target to open a specially crafted Flash file to trigger the vulnerability. Successful exploitation may result in abnormal termination of the Flash process.

CVSS: 10.0
ID: E17-59h01
References: APSB-17-02, BID-95347, CVE-2017-2933, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), GOOGLE-1015
Category: Exploits
Info: This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to a heap overflow related to texture compression. An attacker can entice a target to open a specially crafted Flash file to trigger the vulnerability. Successful exploitation may result in abnormal termination of the Flash process.

CVSS: 9.3
ID: E17-0bdt1
References: BID-96705, CVE-2017-0145, CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C), MS17-010
Category: Exploits
Info: This strike exploits a vulnerability in parsing an SMB Write AndX Request. The vulnerability is due to a failure to validate length values while parsing SMB requests. A remote, unauthenticated attacker could exploit this vulnerability to execute arbitrary code on the target system.

CVSS: 9.3
ID: E17-0bfb8
References: BID-97498, CVE-2017-0199, CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C), URL
Category: Exploits
Info: This strike exploits a vulnerability in the way Microsoft Office and WordPad handle linked URL Moniker OLE objects. The vulnerability gives the attacker remote code execution through MSHTA.exe by forcing the response headers to be of type "application/hta". An attacker may exploit this vulnerability by enticing a user to open a specially crafted RTF document via email or other methods.

CVSS: 7.1
ID: D17-yn901
References: BPS-2017-0001, CVSS-7.1 (AV:N/AC:M/AU:N/C:N/I:N/A:C), URL, URL
Category: Denial
Info: This strike exploits a flaw in DNS protocol handling of DNAME records in DNS responses that is present in ISC BIND. By sending a DNAME RR with a null root domain, an attacker can generate response traffic up to ten times the size of the request. The amplified responses can be used in a denial-of-service attack towards a spoofed IP.

CVSS: 6.8
ID: E17-0fgk1
References: BID-96959, CVE-2017-5428, CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P)
Category: Exploits
Info: This strike exploits a vulnerability that exists in Mozilla Firefox. Specifically, an integer overflow occurs in the ImageBitmap::Create function that can lead to an out-of-bounds memory read. A malicious attacker can call the createBitmapImage function with overly large values for arguments, triggering this vulnerability. A successful attack can lead to a denial of service condition in the browser, or potentially lead to remote code execution.

CVSS: 4.3
ID: E17-0bae1
References: BID-96069, CVE-2017-0022, CVSS-4.3 (AV:N/AC:M/AU:N/C:P/I:N/A:N), MS17-022
Category: Exploits
Info: This strike exploits a vulnerability that exists in Microsoft XML Core Services. Specifically, if the loadXML function is used to reference a portable executable with the res protocol in its URI, the parseError method can return a message up the stack that can be used to identify whether or not the file exists. An attacker can use this method to disclose which portable executables exist on the target's system.

CVSS: 4.0
ID: E17-0bbm1
References: BID-96655, CVE-2017-0066, CVSS-4.0 (AV:N/AC:H/AU:N/C:P/I:P/A:N), MS17-007
Category: Exploits
Info: This strike exploits a vulnerability that exists in Microsoft Edge. Specifically, a newly opened window can modify the frame element on another web page. These web pages may be of different origins, which violates the same origin policy. An attacker can employ this attack to potentially disclose information from a victim.