誤りがあった場合はTwitterに報告をお願いします。-> Twitter《Har-sia》
vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.
This indicates an attack attempt to exploit a Remote Command Execution Vulnerability in vBulletin.The vulnerability is due to an input validation error while parsing a HTTP request in the vulnerable module. A remote attacker could exploit this to execute arbitrary code execution within the context of the application, via a crafted HTTP request.
vBulletin Version 5
System Compromise: Remote attackers can gain control of vulnerable systems.
Currently, we are not aware of any vendor supplied patch for this issue.
Highest Score:38 (2020/08/11)
脆弱性情報:Har-sia CVE-2019-16759
管理者コメント
(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)
###---###
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'.
Highest Score:53 (2020/08/12)
脆弱性情報:Har-sia CVE-2020-1337
管理者コメント
(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)
###---###
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1555, CVE-2020-1570.
Highest Score:43 (2020/08/12)
脆弱性情報:Har-sia CVE-2020-1380
管理者コメント
(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)
###---###
A spoofing vulnerability exists when Windows incorrectly validates file signatures, aka 'Windows Spoofing Vulnerability'.
Highest Score:37 (2020/08/19)
脆弱性情報:Har-sia CVE-2020-1464
管理者コメント
(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)
###---###
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
Highest Score:37 (2020/08/12)
脆弱性情報:Har-sia CVE-2020-1472
管理者コメント
(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)
###---###
計5件
Tweet