Microsoft Excel – Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it.
Threat: An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.
Criticality: High
Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1112
VLC Media Player – Heap Buffer Overflow Vulnerability
Description: VideoLAN VLC media player 3.0.7.1 has a heap-based buffer overflow. Playing any untrusted video files on it might allow hackers to remotely take control over your systems.
Threat: An attacker who exploited the vulnerability could execute arbitrary code and disclose information.
Criticality: High
Update/Patch: https://nvd.nist.gov/vuln/detail/CVE-2019-13615#vulnCurrentDescriptionTitle
Ellucian Banner Web Tailor – Improper Authentication Vulnerability
Description: This vulnerability is produced when SSO Manager is used as the authentication mechanism for Web Tailor
Threat: An attacker who exploited the vulnerability could steal a victim’s session by repeatedly requesting the initial Banner Web Tailor main page with the IDMSESSID cookie set to the victim’s UDCID.
Criticality: High
Update/Patch: https://nvd.nist.gov/vuln/detail/CVE-2019-8978#vulnCurrentDescriptionTitle
0 Comments