Ixia ATI Update 2019-12 (362616)

Defects Resolved

DE10173: Fixed an issue where the "Expires" header was incorrect in some HTTP-based applications.
DE10480: Exclude the strike for CVE-2018-5391 when running IPv6 NN tests.
DE10491: The Proxy Mode parameter exposed in several HTTP requests was renamed to Explicit Proxy Mode. There are now two cases in which this setting can be enabled. The first option should be selected when the proxy and server listen on the same port; the Request-URI and Host header will then include the server hostname, followed by the port if it is a non-standard one. The second option should be selected when the proxy and server listen on different ports; the Request-URI and Host header will then contain only the server hostname.
DE9985: Improvements in the HTML file generator reduce the initialization time.
DE10490: Corrected an issue where the "HTTP Live Streaming (HLS)" protocol ignored the UI-selected user agent.

Enhancements

US96760: Added support for simulation when using TCP as the transport layer in the OpenVPN protocol. When enabled, the length header is inserted into the protocol and fragmentation is disabled.

New Strikes (10)

E19-0r6i2 (CVSS 9.0, Exploits)
  References: BID-106876, CVE-2019-0630, CVSS-9.0 (AV:N/AC:L/AU:S/C:C/I:C/A:C)
  Info: This strike exploits an integer overflow vulnerability in Microsoft Windows SMB Server. The vulnerability is due to improper handling of SMBv2 requests. A remote, authenticated attacker could exploit this vulnerability to execute arbitrary code on the target system.

E19-0xb22 (CVSS 7.6, Exploits)
  References: CVE-2019-8558, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), GOOGLE-1783
  Info: This strike exploits a vulnerability in Apple WebKit JavaScriptCore. Specifically, the vulnerability exists when a Watchpoint jettisons code that has already been freed, causing a use-after-free condition. This may lead to a denial of service condition in the browser, or potentially remote code execution.

E19-0x9y1 (CVSS 7.6, Exploits)
  References: CVE-2019-8518, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), GOOGLE-1775
  Info: This strike exploits a vulnerability in Apple WebKit JavaScriptCore. Specifically, the vulnerability exists during JIT compilation in the FTL tier. It occurs when loop-invariant code motion moves an array access before its bounds check. When this happens, a denial of service condition, or potentially remote code execution, may occur.

E19-7nhd1 (CVSS 7.5, Exploits)
  References: CVE-2019-10945, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), EXPLOITDB-46710
  Info: This strike exploits a directory traversal vulnerability in Joomla Core 1.5.0 - 3.9.4. The vulnerability is due to improper sanitization of requests sent to the application. An attacker could exploit this vulnerability by sending crafted HTTP traffic to the target server. Successful exploitation could lead to file access outside the media manager root directory.

E19-0st51 (CVSS 7.5, Exploits)
  References: CVE-2019-2729, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), URL
  Info: This strike simulates a remote code execution attack on Oracle WebLogic Server. The flaw is due to a lack of authentication and input sanitization when the server receives SOAP calls. By exploiting a vulnerable system, a remote, unauthenticated attacker is able to execute arbitrary commands on the target system.

E19-0p1d1 (CVSS 7.5, Exploits)
  References: CVE-2018-7841, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), URL
  Info: An OS command injection vulnerability exists in Schneider Electric U.Motion Builder. The flaw, located in 'track_import_export.php', results from a lack of user-supplied data sanitization and may be exploited via the 'object_id' parameter. A remote, unauthenticated attacker may be able to issue arbitrary OS commands on the host system.

E19-7mv91 (CVSS 7.5, Exploits)
  References: BID-108679, CVE-2019-10149, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), EXPLOITDB-46996
  Info: A remote command execution vulnerability exists in Exim versions 4.87 to 4.91, due to a lack of user input sanitization when processing 'RCPT TO' and 'MAIL FROM' commands. A successful attack results in remote command execution with 'root' privileges.

E19-5lqr1 (CVSS 7.5, Exploits)
  References: BID-105506, CVE-2018-15379, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), EXPLOITDB-45555, URL
  Info: This strike exploits a remote code execution vulnerability in the Cisco Prime Infrastructure web server. The vulnerability is due to improper directory permissions. An unauthenticated attacker could exploit this vulnerability by crafting a special HTTP POST request. A successful exploit could allow the attacker to execute arbitrary commands on the underlying system.

E19-0rg11 (CVSS 4.3, Exploits)
  References: CVE-2019-0961, CVSS-4.3 (AV:N/AC:M/AU:N/C:P/I:N/A:N), URL, ZDI-19-472
  Info: This strike exploits an information disclosure vulnerability in the GDI+ (Graphics Device Interface) module of Microsoft Windows. The vulnerability is due to improper handling of EMF records in memory. The vulnerability can be exploited by crafting a malicious EMF file and enticing a user to download and open it. Successful exploitation could result in an information leak that could be used to further compromise the target system. As an evasion, the EMF file can be included in a .docx file.

E19-0s3v1 (CVSS 4.0, Exploits)
  References: BID-108351, CVE-2019-1819, CVSS-4.0 (AV:N/AC:L/AU:S/C:P/I:N/A:N)
  Info: This strike exploits a directory traversal vulnerability in Cisco Prime Infrastructure EPNM. The vulnerability is due to improper sanitization of the "downloadDirectory" parameter. By successfully exploiting this vulnerability, a remote, unauthenticated attacker could retrieve arbitrary files from the target server.