Posted on

CVE-2018-1000216 (cjson)

Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker must be able to force victim to print JSON data, depending on how cJSON library is used this could be either local or over a network. This vulnerability appears to have been fixed in 1.7.3.

Posted on

CVE-2018-1000215 (cjson)

Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service (DoS). This attack appear to be exploitable via If the attacker can force the data to be printed and the system is in low memory it can force a leak of memory. This vulnerability appears to have been fixed in 1.7.7.

Posted on

Adobe Acrobat Reader prior 9.0 memory corruption [CVE-2010-2211]

A vulnerability was found in Adobe Acrobat Reader and classified as critical. Affected by this issue is an unknown function. Upgrading to version 9.0 eliminates this vulnerability. A possible mitigation has been published even before and not after the disclosure of the vulnerability. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 10474.

Posted on

CVE-2018-0412 (wap121_firmware, wap125_firmware, wap131_firmware, wap150_firmware, wap321_firmware, wap351_firmware, wap361_firmware, wap371_firmware)

A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an unauthenticated, adjacent attacker to force the downgrade of the encryption algorithm that is used between an authenticator (access point) and a supplicant (Wi-Fi client). The vulnerability is due to the improper processing of certain EAPOL messages that are received during the Wi-Fi handshake process. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between a supplicant and an authenticator and manipulating an EAPOL message exchange to force usage of a WPA-TKIP cipher instead of the more secure AES-CCMP cipher. A successful exploit could allow the attacker to conduct subsequent cryptographic attacks, which could lead to the disclosure of confidential information. Cisco Bug IDs: CSCvj29229.

Posted on

Adobe Acrobat Reader 8.2.3 CoolType.dll memory corruption

A vulnerability was found in Adobe Acrobat Reader 8.2.3. It has been classified as critical. This affects an unknown function in the library CoolType.dll. Upgrading eliminates this vulnerability. A possible mitigation has been published 2 weeks after the disclosure of the vulnerability. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 10821.

Posted on

CVE-2018-0410 (web_security_appliance)

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected software improperly manages memory resources for TCP connections to a targeted device. An attacker could exploit this vulnerability by establishing a high number of TCP connections to the data interface of an affected device via IPv4 or IPv6. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and result in a DoS condition. System recovery may require manual intervention. Cisco Bug IDs: CSCvf36610.

Posted on

Adobe Acrobat Reader prior 9.0 memory corruption [CVE-2010-2212]

A vulnerability was found in Adobe Acrobat Reader. It has been classified as critical. This affects an unknown function. Upgrading to version 9.0 eliminates this vulnerability. A possible mitigation has been published even before and not after the disclosure of the vulnerability. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 10176.

Posted on

CVE-2016-8526 (airwave)

Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external entities (XXE). XXEs are a way to permit XML parsers to access storage that exist on external systems. If an unprivileged user is permitted to control the contents of XML files, XXE can be used as an attack vector. Because the XML parser has access to the local filesystem and runs with the permissions of the web server, it can access any file that is readable by the web server and copy it to an external system of the attacker’s choosing. This could include files that contain passwords, which could then lead to privilege escalation.