CVE-2017-9660
A Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. A heap-based buffer overflow vulnerability has been identified, which may cause a crash or allow remote code...
An Uncontrolled Search Path Element issue was discovered in SIMPlight SCADA Software version 4.3.0.27 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to place a...
A reader forwarded us a suspicious email. It contained a URL, and I downloaded the content with a method similar to what Lenny explained in this diary entry. Here is the content of the html page: There are several methods to...
The Javascript method Sling.evalString() in Apache Sling Servlets Post before 2.3.22 uses the javascript ‘eval’ function to parse input strings, which allows for XSS attacks by passing specially crafted input...
Readers submit all kinds of malware to the Internet Storm Center: executables, documents, emails, … This week I took a look at a phishing email submitted by a reader. Going through the headers, I spotted the following:...