Microsoft Internet Explorer 11 VBScript memory corruption https://ift.tt/2MnHxf4
A vulnerability classified as critical was found in Microsoft Internet Explorer 11 (Web Browser). Affected by this vulnerability is some unknown processing of the component VBScript. The manipulation with an unknown input leads to a memory corruption vulnerability. The CWE definition for the vulnerability is CWE-119. As an impact it is known to affect confidentiality, integrity, and availability. The weakness was published 10/08/2019 as confirmed security update guide (Website). The advisory is shared at portal.msrc.microsoft.com. The public release has been coordinated with Microsoft. This vulnerability is known as CVE-2019-1239 since 11/26/2018. The attack can be launched remotely. The exploitation doesn't need any form of authentication. Neither technical details nor an exploit are publicly available. The price for an exploit might be around USD $5k-$25k at the moment (estimation calculated on 09/26/2020). It is expected to see the exploit prices for this product decreasing in the near future. The advisory points out: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability. Similar entry is available at 143064. Type Vendor Name VulDB Meta Base Score: 7.1 VulDB Meta Temp Score: 6.8 VulDB Base Score: 6.3VulDB Temp Score: 6.0VulDB Vector: ?VulDB Reliability: ?Vendor Base Score (Microsoft): 7.5 Vendor Vector (Microsoft): ?NVD Base Score: 7.5NVD Vector: ?
: ?VulDB Temp Score: ?VulDB Reliability: ?NVD Base Score: ?Class: Memory corruption ( CWE-119) Local: No Remote: Yes Availability: ?Status: Not defined Price Prediction: ?Current Price Estimation: ?
Threat IntelligenceinfoeditThreat: ?Adversaries: ?Geopolitics: ?Economy: ?Predictions: ?Remediation: ?Recommended: Patch Status: ?Reaction Time: ?0-Day Time: ?Exposure Time: ?11/26/2018 CVE assigned10/08/2019 +316 days Advisory disclosed10/08/2019 +0 daysCountermeasure disclosed 10/08/2019 +0 days VulDB entry created09/26/2020 +354 days VulDB last updateVendor: https://www.microsoft.com/Advisory: portal.msrc.microsoft.comStatus: Confirmed Coordinated: ?CVE: CVE-2019-1239( ?) See also: ?Created: 10/08/2019 08:52 PM Updated: 09/26/2020 03:45 PM Changes: ?Complete: ?Digital Trends via vuldb.com https://vuldb.com September 26, 2020 at 09:08AM
0 Comments
Microsoft Internet Explorer 9/10/11 VBScript memory corruption https://ift.tt/2VtFieb
A vulnerability classified as critical has been found in Microsoft Internet Explorer 9/10/11 (Web Browser). Affected is an unknown code block of the component VBScript. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is classifying the issue as CWE-119. This is going to have an impact on confidentiality, integrity, and availability. The weakness was shared 10/08/2019 as confirmed security update guide (Website). The advisory is shared for download at portal.msrc.microsoft.com. The vendor cooperated in the coordination of the public release. This vulnerability is traded as CVE-2019-1238 since 11/26/2018. It is possible to launch the attack remotely. The exploitation doesn't require any form of authentication. There are neither technical details nor an exploit publicly available. The current price for an exploit might be approx. USD $5k-$25k (estimation calculated on 09/26/2020). It is expected to see the exploit prices for this product decreasing in the near future. The advisory points out: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability. The entry 143065 is related to this item. Type Vendor Name VulDB Meta Base Score: 6.7 VulDB Meta Temp Score: 6.4 VulDB Base Score: 6.3VulDB Temp Score: 6.0VulDB Vector: ?VulDB Reliability: ?Vendor Base Score (Microsoft): 7.5 Vendor Vector (Microsoft): ?NVD Base Score: 6.4NVD Vector: ?
: ?VulDB Temp Score: ?VulDB Reliability: ?NVD Base Score: ?Class: Memory corruption ( CWE-119) Local: No Remote: Yes Availability: ?Status: Not defined Price Prediction: ?Current Price Estimation: ?
Threat IntelligenceinfoeditThreat: ?Adversaries: ?Geopolitics: ?Economy: ?Predictions: ?Remediation: ?Recommended: Patch Status: ?Reaction Time: ?0-Day Time: ?Exposure Time: ?11/26/2018 CVE assigned10/08/2019 +316 days Advisory disclosed10/08/2019 +0 daysCountermeasure disclosed 10/08/2019 +0 days VulDB entry created09/26/2020 +354 days VulDB last updateVendor: https://www.microsoft.com/Advisory: portal.msrc.microsoft.comStatus: Confirmed Coordinated: ?CVE: CVE-2019-1238( ?) See also: ?Created: 10/08/2019 08:52 PM Updated: 09/26/2020 03:35 PM Changes: ?Complete: ?Digital Trends via vuldb.com https://vuldb.com September 26, 2020 at 09:08AM Microsoft Windows up to Server 2019 Remote Desktop privilege escalation https://ift.tt/2IyPn4d A vulnerability was found in Microsoft Windows (Operating System). It has been rated as critical. This issue affects an unknown code of the component Remote Desktop. Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability. Digital Trends via vuldb.com https://vuldb.com September 26, 2020 at 08:32AM
https://ift.tt/3375YqN
Avoid Germs With These Handy Door-Opening Multi-Tools, 40% Off With Promo Code https://ift.tt/3kSE1bY Social Distancing Multi-Tool | $6 | Amazon | Promo code 40USDX3Q No-Touch Door Opener Tool 2-Pack | $9 | Amazon I don’t know about you, but I hate touching any public surfaces— for obvious reasons, I hope. Unfortunately, it can’t be completed avoided at the grocery store or at the ATM or while running other necessary errands. These multi-tools can help you go touch-free as much as possible, and we found a few good deals. They can pull many types of door handles open, and they also include a bottle opener, and a stylus so you don’t have to touch public keypads. This 2-pack of the tool is at its lowest price in 30 days for $9, normally $14. If you just want to give one a try, you can get $4 off of this highly-rated multi-tool in rose gold or in silver for only $6. To get the $4 discount, use promo code 40USDX3Q at checkout. G/O Media may get a commission Digital Trends via Gizmodo https://gizmodo.com September 26, 2020 at 08:12AM
https://ift.tt/3cxF3aA
Windows XP Source Code Got Leaked All Over the Internet https://ift.tt/2S4KWCw This week, we took an exclusive look at the chaos that unfolded inside Twitter in the hours after the accounts of Elon Musk, Bill Gates, and dozens more got hacked. Twitter has since tightened up its internal security—but with the election a little over a month away, has it done enough? The Justice Department continued its busy month this week, announcing the global arrests of 179 alleged dark web vendors in a coordinated effort with Europol. Authorities credit the takedown of the dark web bazaar Wall Street Market in May of last year with leading them to the suspects. Facebook showed some muscle this week as well, dismantling disinformation networks that originated in China, the Philippines, and most troubling of all Russian military intelligence. And a tip from a kid about a suspicious TikTok profile led researchers to uncover adware in apps that had been collectively downloaded 2.4 million times. We took a spin through the most important privacy and security features in iOS 14, including new ways to keep apps from snooping your camera or mic. We explained why using the single sign-on features offered by Google, Facebook and Apple may not be the safest choice. And we looked at a few Chrome extensions that will cut down on all those pesky trackers. Finally, set aside a little time to get comfy and read this tale of a scandal that rocked the poker world. It'll be worth it. And there's more! Every Saturday we round up the security and privacy stories that we didn’t break or report on in depth but think you should know about. Click on the headlines to read them, and stay safe out there. Windows XP's refusal to die has caused a multitude of security problems; Microsoft stopped officially providing updates to the operating system in 2014, meaning any vulnerabilities largely don't get fixed on the millions of computers that still run it. The situation managed to get even worse this week, as Windows XP source code leaked on the file-sharing site Mega, troll forum 4Chan, and beyond. By combing through source code, hackers can identify potential weak points, making it easier to craft malware that Microsoft likely won't bother defending its zombie OS against. Some reports indicate that the source code has circulated privately for some time now, which may blunt the impact of this wider release. Still, it's not an encouraging development for anyone who hasn't updated their PC in half a decade. The Tribune Publishing Company has weathered a rough few months and beyond, cutting budgets and jobs as the pandemic has ravaged an already at-risk newspaper industry. So employees were surprised to find an email in their inbox celebrating their new bonus of as much as $10,000. The problem? There was no bonus. It was a phishing test to see who would click. Tribune staff broadly decried the move; dangling a false promise of ready cash to people who have seen colleagues let go and may have been anxious about their own futures with the company is certainly one way to trial a phishing scam, but surely there were less cruel options. (Or maybe just give everyone a Yubikey next time?) The name Luxottica might be foreign to you, but you've surely heard of at least one of the brands under the eyewear monolith's umbrella: Oakley, Ray-Ban, LensCrafters, and dozens more. Last weekend, the company suffered a cyberattack that forced it to shut down its operations in Italy and China. As of Tuesday, according to a report from BleepingComputer, business was still very much not back to normal. It's just the latest in a trend of ransomware gangs going after "big game" targets that can afford payoffs in the millions of dollars. Speaking of which! Russian-speaking ransomware gangs typically don't target Russian businesses, in part because the the lines between state-sponsored and for-profit hacking are so blurred. But a group that researchers call OldGremlin has been targeting big businesses there. In fact, it's hitting banks, manufacturing, and other firms exclusively in Russia, according to security firm Group-IB. OldGremlin's methods aren't especially novel; they use spear-phishing attacks to plant a custom backdoor, which they in turn use to download malware to steal an administrator's credentials, and then deploy tailored ransomware. Nothing too crazy! But going after Russia so aggressively is certainly one way to stand out. More Great WIRED Stories Digital Trends via Wired https://ift.tt/2uc60ci September 26, 2020 at 08:06AM CVE-2020-25726 https://ift.tt/2G7mmyi A Directory Traversal issue was discovered on Hak5 WiFi Pineapple Mark VII 1.x before 1.0.1-beta.2020091914551 devices. An unauthenticated user can connect to the wireless management network, including the open wireless network, and access all files and subdirectories under /pineapple/ui, regardless of file permissions. Digital Trends via National Vulnerability Database https://ift.tt/OD63ZH September 25, 2020 at 12:32AM CVE-2018-10432 https://ift.tt/2FPhQ81 Pexip Infinity before 18 allows Remote Denial of Service (TLS handshakes in RTMP). Digital Trends via National Vulnerability Database https://ift.tt/OD63ZH September 25, 2020 at 12:32AM CVE-2018-10585 https://ift.tt/3kLq53B Pexip Infinity before 18 allows remote Denial of Service (XML parsing). Digital Trends via National Vulnerability Database https://ift.tt/OD63ZH September 25, 2020 at 12:32AM CVE-2019-7177 https://ift.tt/305SBoN Pexip Infinity before 20.1 allows Code Injection onto nodes via an admin. Digital Trends via National Vulnerability Database https://ift.tt/OD63ZH September 25, 2020 at 12:32AM CVE-2019-7178 https://ift.tt/2G9aM5E Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup. Digital Trends via National Vulnerability Database https://ift.tt/OD63ZH September 25, 2020 at 12:32AM |
Categories
All
Archives
October 2020
|