Category Archives: Vulnerability Assessment

Over 100 Security Flaws Update Fixed By Foxit Reader

The recently announced Foxit Reader 9.3 carries along fixes for over hundred security vulnerabilities, containing some that could result in distant code implementation. Foxit Software developed by California-based, the Foxit Reader is a freemium multilingual tool that permits users to generate, view, edit, digitally sign, and printing of the Portable Document Format files. According to Foxit, the reader has about hundreds of millions of users.

Continue reading

Fixes Acquirable For Microsoft JET Database Zero-Day

Non-official fix is already acquirable for the unfixed Microsoft JET Database Engine flaw that Trend Micro’s Zero Day Initiative created public previous week. The security vulnerability, an out-of-bounds write in the JET Database Engine that could be victimized for distant code implementation, was stated to the vendor in some months ago in May.

Continue reading

Default Password Eliminated From Video Surveillance Manager By Cisco

A harmful flaw fixed recently in the Cisco Video Surveillance Manager could let an unverified hacker to log in as base. Cisco exposed the security vulnerability on Friday, influences merely the Video Surveillance Manager software functioning on definite Connected Safety and Security Unified Computing System platforms.

Continue reading

Intel Management Engine JTAG Vulnerability PoC Issued

The security analysts who identified a technique to cooperate Intel’s Management Engine previous year have simply announced proof-of-concept activity code for the now-fixed flaw.

Maxim Goryachy and Mark Ermolov at Positive Technologies have issued a comprehensive walk-through for retrieving an Intel’s Management Engine property called Joint Test Action Group – JTAG, which delivers fixing access to the processor through USB. The proof-of-concept integrates the function of Dmitry Sklyarov, alternative analyst from the firm.

Continue reading

Exploit for Latest Unsafe Apache Struts Flaw Issued

Exploit code for an unsafe isolated code implementation flaw in Apache Struts 2 was issued on GitHub within days after the vulnerability was discussed previous week. Trailed as CVE-2018-11776, the security bug was identified to influence Struts 2.3 through 2.3.34, Struts 2.5 through 2.5.16, and perhaps unverified versions of the famous Java framework.

Continue reading