Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27187 of 28220

CVE-2017-12414

Posted by Cyberthreat Blog | Aug 3, 2017 | CVE Notifications |

Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an untrusted search path is used for msimg32.dll, WindowsCodecs.dll, and dwmapi.dll.

CVE-2017-1504

Posted by Cyberthreat Blog | Aug 3, 2017 | CVE Notifications |

IBM WebSphere Application Server version 9.0.0.4 could provide weaker than expected security after using the PasswordUtil command to enable AES password encryption. IBM X-Force ID: 129579.

Using a Raspberry Pi honeypot to contribute data to DShield/ISC, (Thu, Aug 3rd)

Posted by Cyberthreat Blog | Aug 3, 2017 | SANS ISC Bulletins |

We have been working for a while now on a honeypot based on a Raspberry Pi. Thanks to our volunteers, we now have a version of the honeypot that provides us not just with the firewall data that we usually collect, but also with...

CVE-2017-7442

Posted by Cyberthreat Blog | Aug 3, 2017 | CVE Notifications |

Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences.

CVE-2017-11320

Posted by Cyberthreat Blog | Aug 3, 2017 | CVE Notifications |

Persistent XSS through the SSID of nearby Wi-Fi devices on Technicolor TC7337 routers 08.89.17.20.00 allows an attacker to cause DNS Poisoning and steal credentials from the router.

Author: Cyberthreat Blog

CVE-2017-12414

CVE-2017-1504

Using a Raspberry Pi honeypot to contribute data to DShield/ISC, (Thu, Aug 3rd)

CVE-2017-7442

CVE-2017-11320