LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. NOTE: this is similar to CVE-2017-10671, but occurs in a different part of the de_dotdot function. ![]() This can triggered with an HTTP GET request for a crafted filename. On systems where the strcpy function is implemented with memcpy, the de_dotdot function may cause a Denial-of-Service (daemon crash) due to overlapping memory ranges being passed to memcpy. The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue.Īn issue was discovered in sthttpd through 2.27.1. ![]() A default setting for the type whitelisting feature in more current versions of ASP.NET AJAX prevents exploitation.Īn out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). ![]() An attacker can leverage this vulnerability when the encryption keys are known (due to the presence of CVE-2017-11317, CVE-2017-11357, or other means). This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An issue was discovered in Quest KACE Desktop Authority before 11.2.
0 Comments
Leave a Reply. |