Microsoft Excel – Information Disclosure Vulnerability

 

Description: An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. 

Threat: An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.

Criticality: High

Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1112

 

VLC Media Player – Heap Buffer Overflow Vulnerability

 

Description:  VideoLAN VLC media player 3.0.7.1 has a heap-based buffer overflow. Playing any untrusted video files on it might allow hackers to remotely take control over your systems.

Threat:  An attacker who exploited the vulnerability could execute arbitrary code and disclose information.

Criticality: High

Update/Patch: https://nvd.nist.gov/vuln/detail/CVE-2019-13615#vulnCurrentDescriptionTitle

 

Ellucian Banner Web Tailor – Improper Authentication Vulnerability

 

Description: This vulnerability is produced when SSO Manager is used as the authentication mechanism for Web Tailor

Threat: An attacker who exploited the vulnerability could steal a victim’s session by repeatedly requesting the initial Banner Web Tailor main page with the IDMSESSID cookie set to the victim’s UDCID. 

Criticality: High

Update/Patch: https://nvd.nist.gov/vuln/detail/CVE-2019-8978#vulnCurrentDescriptionTitle

 

0 Comments

Submit a Comment

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Register your email to receive the latest news and updates from getNEXT.

You have Successfully Subscribed!

Share This