Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27349 of 28220

CVE-2017-11352

Posted by Cyberthreat Blog | Jul 17, 2017 | CVE Notifications |

In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144.

CVE-2017-11347

Posted by Cyberthreat Blog | Jul 17, 2017 | CVE Notifications |

Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a remote authenticated attacker to generate a PHP script with the content of a malicious image, related to admin/include/common.inc.php and...

CVE-2017-1183

Posted by Cyberthreat Blog | Jul 17, 2017 | CVE Notifications |

IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494.

CVE-2017-2241

Posted by Cyberthreat Blog | Jul 17, 2017 | CVE Notifications |

SQL injection vulnerability in the AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to execute arbitrary SQL commands via “File Transfer Web Service”.

CVE-2017-2240

Posted by Cyberthreat Blog | Jul 17, 2017 | CVE Notifications |

Directory traversal vulnerability in AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to read arbitrary files via “File Transfer Web Service”.

Author: Cyberthreat Blog

CVE-2017-11352

CVE-2017-11347

CVE-2017-1183

CVE-2017-2241

CVE-2017-2240